squirrelmail security update

2009-01-12T00:00:00
ID ELSA-2009-0010
Type oraclelinux
Reporter Oracle
Modified 2009-01-12T00:00:00

Description

[1.4.8-5.0.1.el5_2.2] - Remove Redhat splash screen images [1.4.8-5.2] - Resolves: CVE-2008-2379 - fix XSS issue caused by an insufficient html mail sanitation [1.4.8-5.1] - don't transmit cookies under non-SSL connections if the session is started under an SSL (https) connection - Resolves: CVE-2008-3663, #468398 - fix release number with respect to Z-stream nvr policy