[Bug 328938] Re: CVE-2008-3663 Cookies for SSL connection could be sent over non-SSL
Andreas Wenning
awen at awen.dk
Wed Mar 25 21:28:10 UTC 2009
My mistake; here is the right file.
For CVE-2006-3174 and CVE-2006-3665 they both only occur if using
register_globals. The Squirrelmail team defines this as a serious no-go,
and will in general not even provide patches for it.
I'll take a look at both of them in any case though.
** Attachment added: "squirrelmail_1.4.6-1ubuntu0.2.debdiff"
http://launchpadlibrarian.net/24347375/squirrelmail_1.4.6-1ubuntu0.2.debdiff
--
CVE-2008-3663 Cookies for SSL connection could be sent over non-SSL
https://bugs.launchpad.net/bugs/328938
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list