Oval Definition:oval:com.redhat.rhsa:def:20070022
Revision Date:2008-03-20Version:636
Title:RHSA-2007:0022: squirrelmail security update (Moderate)
Description:SquirrelMail is a standards-based webmail package written in PHP.

Several cross-site scripting bugs were discovered in SquirrelMail. An attacker could inject arbitrary Javascript or HTML content into SquirrelMail pages by tricking a user into visiting a carefully crafted URL. (CVE-2006-6142)

Users of SquirrelMail should upgrade to this erratum package, which contains a backported patch to correct these issues.

Notes: - After installing this update, users are advised to restart their httpd service to ensure that the updated version functions correctly. - config.php should NOT be modified, please modify config_local.php instead. - Known Bug: The configuration generator may potentially produce bad options that interfere with the operation of this application. Applying specific config changes to config_local.php manually is recommended.
Family:unixClass:patch
Status:Reference(s):CVE-2006-6142
RHSA-2007:0022
RHSA-2007:0022-01
RHSA-2007:0022-01
Platform(s):Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND squirrelmail is earlier than 0:1.4.8-4.el3
  • AND squirrelmail is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND squirrelmail is earlier than 0:1.4.8-4.el4
  • AND squirrelmail is signed with Red Hat master key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND squirrelmail is earlier than 0:1.4.8-4.el3
  • AND squirrelmail is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND squirrelmail is earlier than 0:1.4.8-4.el4
  • AND squirrelmail is signed with Red Hat master key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND squirrelmail is earlier than 0:1.4.8-4.el4
  • AND squirrelmail is signed with Red Hat redhatrelease2 key
    • BACK