[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squirrelmail-cvs
Subject:    [SM-CVS] CVS: squirrelmail ChangeLog,1.690,1.691
From:       Thijs Kinkhorst <kink () users ! sourceforge ! net>
Date:       2006-01-31 7:27:46
Message-ID: E1F3pvW-00027R-MB () sc8-pr-cvs1 ! sourceforge ! net
[Download RAW message or body]

Update of /cvsroot/squirrelmail/squirrelmail
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8102

Modified Files:
	ChangeLog 
Log Message:
- Security: Fix possible cross site scripting through the right_main
  parameter of webmail.php. This now uses a whitelist of acceptable
  values. [CVE-2006-0188]


Index: ChangeLog
===================================================================
RCS file: /cvsroot/squirrelmail/squirrelmail/ChangeLog,v
retrieving revision 1.690
retrieving revision 1.691
diff -u -w -r1.690 -r1.691
--- ChangeLog	30 Jan 2006 10:08:38 -0000	1.690
+++ ChangeLog	31 Jan 2006 07:27:44 -0000	1.691
@@ -534,7 +534,9 @@
     based templates.
   - Added footer template to every page.
   - Added experimental IMAP and SMTP STARTTLS extension support.
-
+  - Security: Fix possible cross site scripting through the right_main
+    parameter of webmail.php. This now uses a whitelist of acceptable
+    values. [CVE-2006-0188]
 
 Version 1.5.0 - 2 February 2004
 -------------------------------



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
--
squirrelmail-cvs mailing list
List Address: squirrelmail-cvs@lists.sourceforge.net
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-cvs
http://squirrelmail.org/cvs
[prev in list] [next in list] [prev in thread] [next in thread]