Debian 9859 Published by

Updated squirrelmail packages has been released for Debian GNU/Linux 8 LTS



Package : squirrelmail
Version : 2:1.4.23~svn20120406-2+deb8u3
CVE IDs : CVE-2018-14950 CVE-2018-14951 CVE-2018-14952
CVE-2018-14953 CVE-2018-14954 CVE-2018-14955
Debian Bug : #905023

It was discovered that there were a number of Cross Site Scripting
(XSS) vulnerabilities in the squirrelmail webmail client.

For Debian 8 "Jessie", these issues has been fixed in squirrelmail
version 2:1.4.23~svn20120406-2+deb8u3.

We recommend that you upgrade your squirrelmail packages.