TITLE: Debian update for squirrelmail SECUNIA ADVISORY ID: SA19176 VERIFY ADVISORY: http://secunia.com/advisories/19176/ CRITICAL: Less critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 3.0 http://secunia.com/product/143/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for squirrelmail. This fixes some vulnerabilities, which can be exploited by malicious users to manipulate certain information and by malicious people to conduct cross-site scripting attacks. For more information: SA18985 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.0 alias woody -- Source archives: http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.2.6-5.dsc Size/MD5 checksum: 582 07fe8ca983ec4bf8a3355a91c79c9d78 http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.2.6-5.diff.gz Size/MD5 checksum: 24884 a65726611c8f71274582b353e309a9a1 http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.2.6.orig.tar.gz Size/MD5 checksum: 1856087 be9e6be1de8d3dd818185d596b41a7f1 Architecture independent components: http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.2.6-5_all.deb Size/MD5 checksum: 1841716 1d246bc2ffe2323e2503202bfc147d9c -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-8.dsc Size/MD5 checksum: 678 140546ee9c0534419ddcaf3c7e632110 http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-8.diff.gz Size/MD5 checksum: 24654 15ddd8f4db234006a1ac290087640dfc http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4.orig.tar.gz Size/MD5 checksum: 575871 f50548b6f4f24d28afb5e6048977f4da Architecture independent components: http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-8_all.deb Size/MD5 checksum: 570472 2087dcea05cd5e1c4033f15cf120761a -- Debian GNU/Linux unstable alias sid -- Fixed in version 2:1.4.6-1. ORIGINAL ADVISORY: http://www.debian.org/security/2006/dsa-988 OTHER REFERENCES: SA18985: http://secunia.com/advisories/18985/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------