Advisories » MGASA-2018-0357

Updated squirrelmail packages fix XSS-security vulnerability

Publication date: 31 Aug 2018
Modification date: 31 Aug 2018
Type: security
Affected Mageia releases : 6

Description

Updated squirrelmail packages fix XSS-security vulnerability:

It was discovered that some special tags have not been filtered
accordingly which can be used for an XSS-attack.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23366
• https://sourceforge.net/p/squirrelmail/bugs/2831/
• http://openwall.com/lists/oss-security/2018/07/26/2

SRPMS

6/core

• squirrelmail-1.4.22-15.2.mga6