-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : squirrelmail Version : 2:1.4.23~svn20120406-2+deb8u3 CVE IDs : CVE-2018-14950 CVE-2018-14951 CVE-2018-14952 CVE-2018-14953 CVE-2018-14954 CVE-2018-14955 Debian Bug : #905023
It was discovered that there were a number of Cross Site Scripting (XSS) vulnerabilities in the squirrelmail webmail client. For Debian 8 "Jessie", these issues has been fixed in squirrelmail version 2:1.4.23~svn20120406-2+deb8u3. We recommend that you upgrade your squirrelmail packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAluIET4ACgkQHpU+J9Qx HlgweA/8CQFKxZreVcFWefRLu+dsifiXhTl8FL5CPTxFGWW4synrffXBwHBziZzv lLtq9D2sTZMKFzj1R3EcFLXmv9h1/+5GqULT7WiWEfv4yaph/YbGdsr+2jj44HhZ 7pQcMw/xbXWzVH7O8WCOELxarhWry4jZlnR9frBaeZRIYC0PJqBkMTxYKRdE1Vzp 5QDTPwIrG/OHe1lAezYE55bnb8KLiJp9WRlhN2cZ7za9QBh5GooesNLZ6IqkK08t Z6fFObm6RdowCHSf2QL52BkLTMyhHiC93FyIit3H0iYSRxmLGTSr+mB1vGy5MpiA uQGsqlstXnXOqWOwDtCuACAC/XTMUIBv8BqPzO1DffJVFYu3o4qhGuCwvkNCxoqx wPaFuDWBI0Ppy5gZUNqbxfpucEomzNc7WL7aU+LSUSOSERF3GpkQKo8SFcq3zgpa qpKTnQFfhelcUWlaAxJm20eeov4zdju6aSxnpduauPWa31V0GbkOKe51T7sfvG7Y vnPlyj2PF4/Zq9QYpAYqNEkwUNrQjWTThCsrK4fpz6hZIMVuiZv4DCdsGDGhzgG8 UNZ70dKPa/XgQBnSArafzUVUu94qjUPezDWThIQT45XRe/2xdCC1htgjApPruJ+T 6NT10MRL2zkr6K7KEOmbf9kyt0sCYTZhJy7j71XtJFl2rb/OWGs= =kd5F -----END PGP SIGNATURE-----