[SECURITY] [DLA 1484-1] squirrelmail security update

2018-08-30T15:46:39
ID DEBIAN:DLA-1484-1:7DA8D
Type debian
Reporter Debian
Modified 2018-08-30T15:46:39

Description

Package : squirrelmail Version : 2:1.4.23~svn20120406-2+deb8u3 CVE IDs : CVE-2018-14950 CVE-2018-14951 CVE-2018-14952 CVE-2018-14953 CVE-2018-14954 CVE-2018-14955 Debian Bug : #905023

It was discovered that there were a number of Cross Site Scripting (XSS) vulnerabilities in the squirrelmail webmail client.

For Debian 8 "Jessie", these issues has been fixed in squirrelmail version 2:1.4.23~svn20120406-2+deb8u3.

We recommend that you upgrade your squirrelmail packages.

Regards,


  ,''`.
 : :'  :     Chris Lamb
 `. `'`      lamby@debian.org / chris-lamb.co.uk
   `-