FSA/FC6/FEDORA-2007-505

[SECURITY] Fedora Core 6 Update: squirrelmail-1.4.10a-1.fc6
- Fedora Update Notification FEDORA-2007-505 2007-05-14 -

Product    : Fedora Core 6 Name       : squirrelmail Version    : 1.4.10a Release    : 1.fc6 Summary    : SquirrelMail webmail client Description : SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install.

- Update Information:

Upgrade to new upstream squirrelmail-1.4.10a. This update also fixes CVE-2007-1262 and CVE-2006-6142 - - upgrade to new upstream 1.4.10a - resolves: #239704: CVE-2007-1262 squirrelmail cross-site scripting flaw - resolves: #218297: CVE-2006-6142 Three XSS issues in SquirrelMail
 * Fri May 11 2007 Martin Bacovsky - 1.4.10a-1

- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

6f715a5dffd1c076ee42c5914621542b4ce82233 SRPMS/squirrelmail-1.4.10a-1.fc6.src.rpm 6f715a5dffd1c076ee42c5914621542b4ce82233 noarch/squirrelmail-1.4.10a-1.fc6.src.rpm 5965e3a06471b702e8fe4a47c509c315fa6a42c1 ppc/squirrelmail-1.4.10a-1.fc6.noarch.rpm 5965e3a06471b702e8fe4a47c509c315fa6a42c1 x86_64/squirrelmail-1.4.10a-1.fc6.noarch.rpm 5965e3a06471b702e8fe4a47c509c315fa6a42c1 i386/squirrelmail-1.4.10a-1.fc6.noarch.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. -