Summary: | mail-client/squirrelmail Cross Site Scripting in encoded text | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Rajiv Aaron Manglani (RETIRED) <rajiv> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | eradicator, stuart |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://article.gmane.org/gmane.mail.squirrelmail.user/21169 | ||
Whiteboard: | B4 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Rajiv Aaron Manglani (RETIRED)
2004-11-10 21:18:26 UTC
Jeremy please provide a fixed ebuild. the second chunk of that patch looks bad... I'm gonna verify upstream... Stuart, how do you force all vhosts using an old version of a webapp to update to the new one? Can this information be included in the glsa for glsa-check automation? ppc: please test out 1.4.3a-r2 and mark stable oh, and for the record I checked the second hunk and I was confused... it's fine... stable on ppc GLSA drafted Security please review. GLSA 200411-25 |