Ubuntu
squirrelmail package

lp:ubuntu/edgy-backports/squirrelmail

Edgy (6.10)
edgy-backports

Created by James Westby on 2009-08-08 and last modified on 2009-08-08

Get this branch:: bzr branch lp:ubuntu/edgy-backports/squirrelmail

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

9. By Scott Kitterman on 2007-07-20

Automated backport upload; no source changes.

8. By Thijs Kinkhorst on 2006-08-11

* New upstream release
  - Includes security fix: variable overwriting in compose.php
    by logged-in user [CVE-2006-4019]
  - Does not ship SquirrelMail developer's documentation anymore.

* Remove duplicate content from README.locales.

7. By Thijs Kinkhorst on 2006-07-04

* New upstream bugfix release.
  + Addresses some low-impact, theoretical or disputed security bugs,
    for which the code is tightened just-in-case:
    - Possible local file inclusion (Closes: #373731, CVE-2006-2842)
    - XSS in search.php (Closes: #375782, CVE-2006-3174)
  + Adds note to db-backend.txt about postgreSQL (Closes: #376605).

* Checked for standards version to 3.7.2, no changes necessary.
* Update maintainer address.

6. By Thijs Kinkhorst on 2006-03-07

* New upstream release.
* Includes the following security fixes:
  - Fix IMAP command injection in sqimap_mailbox_select
    with upstream patch. [CVE-2006-0377] (Closes: #354063)
  - Fix possible XSS in MagicHTML, concerning the parsing
    of u\rl and comments in styles. Internet Explorer
    specific. [CVE-2006-0195] (Closes: #354062)
  - Fix possible cross site scripting through the right_main
    parameter of webmail.php. This now uses a whitelist of
    acceptable values. [CVE-2006-0188] (Closes: #354064, #355424)

5. By Thijs Kinkhorst on 2005-08-15

[ Jeroen van Wolffelaar ]
* Restore squirrelmail-configure manpage, accidently dropped in -1
* Use debhelper compat level 4

[ Thijs Kinkhorst ]
* Drop obsolete symlink for attachment dir.
* Do not ship upstream README, which contains hardly any information
relevant to Debian. Extend README.Debian a bit. Thanks W. Borgert.
* Add years to copyright statement.

4. By Martin Schulze <email address hidden> on 2005-07-11

* Non-maintainer upload by the Security Team
* Corrected the patch based on upstream input
[src/options_identities.php, CAN-2005-2095]

3. By Thijs Kinkhorst on 2005-02-06

* Move default_pref config file from /var to /etc, as per Debian policy
(Closes: #293281)
* [JvW] (finally) override two lintian warnings about nonstandard
permissions that are intentional (Closes: #293366)

2. By Sam Johnston on 2004-02-04

* New upstream release. Closes #230921.
* RFC3501 compliance for mailbox naming (eg trailing spaces).
Closes: #176590, #215183.
* Adds a squirrelmail symlink in /var/www/. Closes: #229282.
* Adds PHP safe_mode workaround to README.Debian. Closes: #222071.
* Adds daily cron job to clean attachments directory. Closes: #228400.
* Checks for config_default.php before copying in postinst.
Closes: #229737.

1. By Sam Johnston on 2004-02-04

Import upstream version 1.5.0

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/squirrelmail

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntusquirrelmail package