-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 31 Jul 2004 13:26:35 +0200
Source: squirrelmail
Binary: squirrelmail
Architecture: source all
Version: 1:1.2.6-1.4
Distribution: stable-security
Urgency: high
Maintainer: Sam Johnston <samj@debian.org>
Changed-By: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
Description: 
 squirrelmail - Webmail for nuts
Closes: 257961 257972 257973
Changes: 
 squirrelmail (1:1.2.6-1.4) stable-security; urgency=high
 .
   * Non-maintainer upload for security issues. Thanks to Thijs Kinkhorst for
     tracking down the 1.2.x issues
   * [CAN-2004-0521] Fix SQL injection vulnerability when using
     addressbook-in-SQL-database (Closes: #257961)
   * [CAN-2004-0519, CAN-2004-0520] Fix multiple XSS issues, some exploitable
     by incoming email (Closes: #257972)
   * [CAN-2004-0639] Backport fixes for multiple XSS issues found between 1.2.6
     and 1.2.12, some exploitable by incoming email (Closes: #257973)
   * Fix a bug preventing the Table of Contents of the Help system to be shown,
     which was introduced in the 1:1.2.6-1.1 security update.
Files: 
 9e3f6fb2b152cb6086be738abc5e1021 586 web optional squirrelmail_1.2.6-1.4.dsc
 0f07dc4c32a8356344ba5f39d6c2373a 20493 web optional squirrelmail_1.2.6-1.4.diff.gz
 34057494a43f7a136276d821956e010a 1840376 web optional squirrelmail_1.2.6-1.4_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBDu8IArxCt0PiXR4RAnr3AKCjwzCxLLh7i9CJI9AH9YTZBzRpPgCg32ci
h7ggm8mmQyBOM5RyWPQfJFg=
=pX45
-----END PGP SIGNATURE-----