ELSA-2012-0103 - squirrelmail security update

Type: SECURITY
Severity: MODERATE
Release Date: 2012-02-08

Description


[1.4.8-5.0.1.el5_7.13]
- Remove Redhat splash screen images

[1.4.8-5.13]
- fix typo in CVE-2010-4555 patch

[1.4.8-5.12]
- patch for CVE-2010-2813 was not complete

[1.4.8-5.11]
- fix: CVE-2010-1637 : Port-scans via non-standard POP3 server ports in Mail Fetch plugin
- fix: CVE-2010-2813 : DoS (disk space consumption) by random IMAP login attempts with 8-bit characters in the password
- fix: CVE-2010-4554 : Prone to clickjacking attacks
- fix: CVE-2010-4555 : Multiple XSS flaws [tag handling]
- fix: CVE-2011-2752 : CRLF injection vulnerability
- fix: CVE-2011-2753 : CSRF in the empty trash feature and in Index Order page


Related CVEs


CVE-2010-1637
CVE-2010-2813
CVE-2010-4554
CVE-2010-4555
CVE-2011-2023
CVE-2011-2752
CVE-2011-2753

Updated Packages


| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| --- | --- | --- | --- |
| Oracle Linux 4 (i386) | squirrelmail-1.4.8-18.0.1.el4.src.rpm | a39f3df8d31b715fc08148ae4ea429b8 | - |
| | squirrelmail-1.4.8-18.0.1.el4.noarch.rpm | 59def2e657006252276e37a1cbe5ad80 | - |
| Oracle Linux 4 (ia64) | squirrelmail-1.4.8-18.0.1.el4.src.rpm | a39f3df8d31b715fc08148ae4ea429b8 | - |
| | squirrelmail-1.4.8-18.0.1.el4.noarch.rpm | 59def2e657006252276e37a1cbe5ad80 | - |
| Oracle Linux 4 (x86_64) | squirrelmail-1.4.8-18.0.1.el4.src.rpm | a39f3df8d31b715fc08148ae4ea429b8 | - |
| | squirrelmail-1.4.8-18.0.1.el4.noarch.rpm | 59def2e657006252276e37a1cbe5ad80 | - |
| Oracle Linux 5 (i386) | squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm | 533e3e864cd549c6b3dd7a715358def9 | ELSA-2013-0126 |
| | squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm | 60713f164f468d17bb009a65835f6ca2 | ELSA-2013-0126 |
| Oracle Linux 5 (ia64) | squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm | 533e3e864cd549c6b3dd7a715358def9 | ELSA-2013-0126 |
| | squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm | 60713f164f468d17bb009a65835f6ca2 | ELSA-2013-0126 |
| Oracle Linux 5 (x86_64) | squirrelmail-1.4.8-5.0.1.el5_7.13.src.rpm | 533e3e864cd549c6b3dd7a715358def9 | ELSA-2013-0126 |
| | squirrelmail-1.4.8-5.0.1.el5_7.13.noarch.rpm | 60713f164f468d17bb009a65835f6ca2 | ELSA-2013-0126 |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.