** Changed in: squirrelmail (Ubuntu Dapper)
Status: Incomplete = Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/396306
Title:
[CVE-2009-1381] Incomplete fix for CVE-2009-1579
To
** Branch linked: lp:ubuntu/hardy-updates/squirrelmail
** Branch linked: lp:ubuntu/intrepid-security/squirrelmail
** Branch linked: lp:ubuntu/jaunty-updates/squirrelmail
--
[CVE-2009-1381] Incomplete fix for CVE-2009-1579
https://bugs.launchpad.net/bugs/396306
You received this bug
** Changed in: squirrelmail (Ubuntu Hardy)
Status: In Progress = Fix Committed
** Changed in: squirrelmail (Ubuntu Intrepid)
Status: In Progress = Fix Committed
** Changed in: squirrelmail (Ubuntu Jaunty)
Status: In Progress = Fix Committed
--
[CVE-2009-1381] Incomplete
This bug was fixed in the package squirrelmail - 2:1.4.13-2ubuntu1.4
---
squirrelmail (2:1.4.13-2ubuntu1.4) hardy-security; urgency=low
* SECURITY UPDATE: (LP: #396306)
* Server-side code injection in map_yp_alias username map. An issue was
fixed that allowed arbitrary
This bug was fixed in the package squirrelmail - 2:1.4.15-3ubuntu0.3
---
squirrelmail (2:1.4.15-3ubuntu0.3) intrepid-security; urgency=low
* SECURITY UPDATE: (LP: #396306)
* Server-side code injection in map_yp_alias username map. An issue was
fixed that allowed arbitrary
This bug was fixed in the package squirrelmail - 2:1.4.15-4ubuntu0.2
---
squirrelmail (2:1.4.15-4ubuntu0.2) jaunty-security; urgency=low
* SECURITY UPDATE: (LP: #396306)
* Server-side code injection in map_yp_alias username map. An issue was
fixed that allowed arbitrary
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1381
--
[CVE-2009-1381] Incomplete fix for CVE-2009-1579
https://bugs.launchpad.net/bugs/396306
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
Here comes the debdiffs for jaunty, intrepid and hardy. All of them have
been tested.
First jaunty.
** Attachment added: squirrelmail_1.4.15-4ubuntu0.2.dsc
http://launchpadlibrarian.net/28750932/squirrelmail_1.4.15-4ubuntu0.2.dsc
** Attachment removed: squirrelmail_1.4.15-4ubuntu0.2.dsc
** Attachment added: squirrelmail_1.4.15-4ubuntu0.2.debdiff
http://launchpadlibrarian.net/28750944/squirrelmail_1.4.15-4ubuntu0.2.debdiff
--
[CVE-2009-1381] Incomplete fix for CVE-2009-1579
https://bugs.launchpad.net/bugs/396306
You received this bug notification because you are a member of
Next intrepid.
** Attachment added: squirrelmail_1.4.15-3ubuntu0.3.debdiff
http://launchpadlibrarian.net/28750981/squirrelmail_1.4.15-3ubuntu0.3.debdiff
--
[CVE-2009-1381] Incomplete fix for CVE-2009-1579
https://bugs.launchpad.net/bugs/396306
You received this bug notification because you
And lastly hardy.
** Attachment added: squirrelmail_1.4.13-2ubuntu1.4.debdiff
http://launchpadlibrarian.net/28751012/squirrelmail_1.4.13-2ubuntu1.4.debdiff
** Also affects: squirrelmail (Ubuntu Dapper)
Importance: Undecided
Status: New
--
[CVE-2009-1381] Incomplete fix for
Dapper affected by the original problem as that hasn't been fixed; see
bug 375513.
** Changed in: squirrelmail (Ubuntu Dapper)
Importance: Undecided = High
** Changed in: squirrelmail (Ubuntu Dapper)
Status: New = Incomplete
** Changed in: squirrelmail (Ubuntu Hardy)
Assignee:
12 matches
Mail list logo