lp:ubuntu/natty/squirrelmail
- Get this branch:
- bzr branch lp:ubuntu/natty/squirrelmail
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 19. By Thijs Kinkhorst
-
* New upstream release.
+ Addresses two low-imact security issues, bump urgency.
[CVE-2010-1637, CVE-2010-2813]
* Checked for policy 3.9.1, no changes necessary. - 18. By Andreas Wenning
-
* SECURITY UPDATE: (LP: #598077)
* The Mail Fetch plugin allows remote authenticated users to bypass firewall
restrictions and use SquirrelMail as a proxy to scan internal networks via
a modified POP3 port number.
- http://squirrelmail. org/security/ issue/2010- 06-21
- CVE-2010-1637
- Patch taken from upstream svn rev. 13951. Applied inline. - 17. By Thijs Kinkhorst
-
* New upstream release.
+ Addresses search bug (closes: #550763).
* Update to policy 3.8.4, no changes necessary. - 16. By Thijs Kinkhorst
-
* New upstream release candidate.
+ Addresses cross site request forgery (CVE-2009-2964,
closes: #543818).
* Update to policy 3.8.3, no changes necessary. - 15. By Thijs Kinkhorst
-
* New upstream release.
+ Corrects incomplete fix for CVE-2009-1579 [CVE-2009-1381]
+ Fixes filter plugin regression (closes: #529328) - 14. By Thijs Kinkhorst
-
* New upstream release.
+ Addresses several security issues (closes: #528528):
CVE-2009-1578, CVE-2009-1579, CVE-2009-1580, CVE-2009-1581.
* Update to debhelper 7 and policy 3.8.1.
* Make squirrelmail.cron.daily cope with the administrator
enabling the hashed dir feature, thanks Marcello Nuccio
(closes: #508287).
* Update Recommends and Suggests:
+ Remove all php4-related relations.
+ Add recommends for php5-mcode which speeds up crypto.
+ Suggest php5-recode for some character sets.
+ Recommend plugins: squirrelmail-viewashtml for HTML mail,
squirrelmail-logger to provide logging.
(closes: #523966, #527964) - 12. By Thijs Kinkhorst
-
Cookies sent over HTTPS will now be confined to HTTPS only
(cookie secure flag) and more support for the HTTPOnly cookie
attribute. Patch taken from upstream release.
(CVE-2008-3663, closes: #499942) - 11. By Thijs Kinkhorst
-
* New upstream security release.
- Additionally tightens HTML filter for IE <= 5 parsing
absolutely everything and it's horse. - 10. By Thijs Kinkhorst
-
* Add note to README.Debian about server side sorting (Closes: #394286)
and regular_globals not being supported.
* Add IfModule conditionals for register_globals setting in
apache.conf (Closes: #398173).
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/oneiric/squirrelmail