Summary: | [PATCH] mail/squirrelmail: update to patch security flaw in attachment processing | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Jesse Smith <jsmith> | ||||||
Component: | Individual Port(s) | Assignee: | Mathieu Arnold <mat> | ||||||
Status: | Closed FIXED | ||||||||
Severity: | Affects Some People | CC: | uzsolt | ||||||
Priority: | --- | Flags: | uzsolt:
maintainer-feedback+
uzsolt: merge-quarterly? |
||||||
Version: | Latest | ||||||||
Hardware: | Any | ||||||||
OS: | Any | ||||||||
Attachments: |
|
Description
Jesse Smith
2018-03-21 17:46:46 UTC
I think this patch is correct. Thanks for your work! (In reply to Zsolt Udvari from comment #1) My pleasure. I've now tested the patched package on two servers and it's working ok for me. Created attachment 192200 [details] Update to 20180404, fix CVE The squirrelmail codebase is updated, see https://sourceforge.net/p/squirrelmail/code/14751 . Comment on attachment 191714 [details]
Update and security fix for squirrelmail
The newer patch obsoletes this.
A commit references this bug: Author: mat Date: Thu May 3 12:42:48 UTC 2018 New revision: 468923 URL: https://svnweb.freebsd.org/changeset/ports/468923 Log: Update to 20180404. PR: 226831 Submitted by: maintainer MFH: 2018Q2 Security: CVE-2018-8741 Sponsored by: Absolight Changes: head/mail/squirrelmail/Makefile head/mail/squirrelmail/distinfo A commit references this bug: Author: mat Date: Mon May 7 10:47:30 UTC 2018 New revision: 469283 URL: https://svnweb.freebsd.org/changeset/ports/469283 Log: MFH: r468923 Update to 20180404. PR: 226831 Submitted by: maintainer Security: CVE-2018-8741 Sponsored by: Absolight Changes: _U branches/2018Q2/ branches/2018Q2/mail/squirrelmail/Makefile branches/2018Q2/mail/squirrelmail/distinfo |