[Bug 446838] Re: Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier
Leonel Nunez
leonel at enelserver.com
Mon Oct 12 16:16:41 UTC 2009
Dapper debdiff
package builds , installs and worked fine.
The patches to
search.php line 240, has no place to patch.
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/src/search.php?r1=13818&r2=13817&pathrev=13818
and compose.php line 1032 introduces an error when reply,reply all, or forward messages.
leaved this line unpatched
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/src/compose.php?r1=13818&r2=13817&pathrev=13818
** Attachment added: "Dapper DebDiff"
http://launchpadlibrarian.net/33547315/dapper.debdiff
--
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier
https://bugs.launchpad.net/bugs/446838
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list