Fedora Core 4 : squirrelmail-1.4.6-0.cvs20050812.1.fc4 (2005-780)
High Nessus Plugin ID 19483
SynopsisThe remote Fedora Core host is missing a security update.
DescriptionIt probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4.
This snapshot worked on my personal server for the past week, so hopefully it will be good for everyone else too.
CVE-2005-1769 and CVE-2005-2095 security issues are solved in this update.
Please report regressions in behavior from our previous 1.4.4 package to Red Hat Bugzilla, product Fedora Core. All other squirrelmail bugs please report upstream.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected squirrelmail package.