Your message dated Fri, 10 Mar 2006 17:37:41 +0100
with message-id <[EMAIL PROTECTED]>
and subject line fixed in squirrelmail 2:1.4.6-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: squirrelmail
Version: 2:1.4.5-2
Severity: minor
This Version is working with PHP5, please add it as an alternative for
php4 in the list of depend packages.
Thanks
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-686
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Versions of packages squirrelmail depends on:
ii apache2-mpm-prefork [httpd] 2.0.54-5 traditional model for Apache2
ii libapache2-mod-php4 4:4.4.0-4 server-side, HTML-embedded scripti
ii perl 5.8.7-3 Larry Wall's Practical Extraction
ii php4 4:4.4.0-4 server-side, HTML-embedded scripti
Versions of packages squirrelmail recommends:
pn ispell | aspell | aspel <none> (no description available)
ii squirrelmail-locales 1.4.5-20050713-1 Translations for the SquirrelMail
-- no debconf information
--- End Message ---
--- Begin Message ---
Hello,
The bug you reported is fixed in the most recent upload of squirrelmail,
2:1.4.6-1. Unfortunatly, while rebuilding a part of the .changes file
contents was omitted, so here it is for completeness:
Changes:
squirrelmail (2:1.4.6-1) unstable; urgency=high
.
* New upstream release.
* Includes the following security fixes:
- Fix IMAP command injection in sqimap_mailbox_select
with upstream patch. [CVE-2006-0377] (Closes: #354063)
- Fix possible XSS in MagicHTML, concerning the parsing
of u\rl and comments in styles. Internet Explorer
specific. [CVE-2006-0195] (Closes: #354062)
- Fix possible cross site scripting through the right_main
parameter of webmail.php. This now uses a whitelist of
acceptable values. [CVE-2006-0188] (Closes: #354064, #355424)
.
squirrelmail (2:1.4.5+1.4.6rc1-1) experimental; urgency=low
.
* Experimental package
* New upstream version: 1.4.6 Release Candidate 1
Many bugfixes, amongst which the following Debian bugs:
+ Works with newest PHP versions (Closes: #321565, #338649).
+ Fixes line wrapping for unicode characters (Closes: #330372).
+ Add support for limiting the length of the From address display
(Closes: #279682).
* Add Depends alternatives for PHP5.
* Add Suggests for squirrelmail-decode, the library with charset decoding
functions for complex and rare character sets.
* Upgrade debhelper compatibility to the recommended level 5.
* Add Homepage to package description.
* Move package building from the binary-arch to the binary-indep target
in debian/rules.
Files:
d790b96f0087d7f770752bb9534a601b 674 web optional squirrelmail_1.4.6-1.dsc
da9e22416fca21ed0636458641187cdb 599318 web optional
squirrelmail_1.4.6.orig.tar.gz
82792b91906dcbcef063b0460102cc51 17996 web optional
squirrelmail_1.4.6-1.diff.gz
d295043665517c0cae54a381151bd843 599300 web optional
squirrelmail_1.4.6-1_all.deb
Thanks for reporting.
regards,
Thijs Kinkhorst
signature.asc
Description: This is a digitally signed message part
--- End Message ---
