Package: squirrelmail Version: 1.4.4-5 Several cross site scripting (XSS) vulnerabilties have been discovered in SquirrelMail versions 1.4.0 - 1.4.4. The patch is not yet included in the Debian packages (stable, testing, unstable).
Bugreport and patch can be found at http://www.squirrelmail.org/security/issue/2005-06-15 Cheers, -- Ian Langnickel G.O.D. Gesellschaft für Organisation und Datenverarbeitung mbH Berliner Str. 111 - 38104 Braunschweig - Germany Phone: +49 531 23767-17 - Fax: +49 531 23767-41 PGP key available on request