You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa squirrelmail

Sigurnosni nedostatak programskog paketa squirrelmail

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2017-0b6da97aa5
2017-06-02 17:35:03.195274
——————————————————————————–

Name : squirrelmail
Product : Fedora 24
Version : 1.4.22
Release : 19.fc24
URL : http://www.squirrelmail.org/
Summary : webmail client written in php
Description :
SquirrelMail is a basic webmail package written in PHP4. It
includes built-in pure PHP support for the IMAP and SMTP protocols, and
all pages render in pure HTML 4.0 (with no JavaScript) for maximum
compatibility across browsers. It has very few requirements and is very
easy to configure and install.

——————————————————————————–
Update Information:

fix insufficient escaping of user-supplied data (CVE-2017-7692)
——————————————————————————–
References:

[ 1 ] Bug #1445165 – CVE-2017-7692 squirrelmail: Insufficient escaping of user-supplied data
https://bugzilla.redhat.com/show_bug.cgi?id=1445165
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade squirrelmail’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-f85c37ae3d
2017-06-02 17:35:06.903270
——————————————————————————–

Name : squirrelmail
Product : Fedora 25
Version : 1.4.22
Release : 19.fc25
URL : http://www.squirrelmail.org/
Summary : webmail client written in php
Description :
SquirrelMail is a basic webmail package written in PHP4. It
includes built-in pure PHP support for the IMAP and SMTP protocols, and
all pages render in pure HTML 4.0 (with no JavaScript) for maximum
compatibility across browsers. It has very few requirements and is very
easy to configure and install.

——————————————————————————–
Update Information:

fix insufficient escaping of user-supplied data (CVE-2017-7692)
——————————————————————————–
References:

[ 1 ] Bug #1445165 – CVE-2017-7692 squirrelmail: Insufficient escaping of user-supplied data
https://bugzilla.redhat.com/show_bug.cgi?id=1445165
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade squirrelmail’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-06-0014-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa mariadb

Otkriveni su sigurnosni nedostaci u programskom paketu mariadb za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju otkrivanje osjetljivih informacija...

Close