This bug was fixed in the package squirrelmail - 2:1.4.15-3ubuntu0.4
--------------- squirrelmail (2:1.4.15-3ubuntu0.4) intrepid-security; urgency=low
* SECURITY UPDATE: (LP: #446838) * Multiple cross-site request forgery (CSRF) in all forms submissions * edited: src/addrbook_search_html.php,src/addressbook.php,src/compose.php src/folders_create.php,src/folders_delete.php,src/folders.php, src/folders_rename_do.php,src/folders_rename_getname.php, src/folders_subscribe.php,functions/forms.php, functions/mailbox_display.php,src/move_messages.php, src/options_highlight.php,src/options_identities.php, src/options_order.php,src/options.php,src/search.php, functions/strings.php,src/vcard.php * Fixes : CVE-2009-2964 - http://www.squirrelmail.org/security/issue/2009-08-12 - patches taken from upstream rev 13818 - patches applied inline -- Leonel Nunez <email address hidden> Sun, 11 Oct 2009 21:33:16 -0600
This bug was fixed in the package squirrelmail - 2:1.4.15-3ubuntu0.4
--------------- 15-3ubuntu0. 4) intrepid-security; urgency=low
squirrelmail (2:1.4.
* SECURITY UPDATE: (LP: #446838) addrbook_ search_ html.php, src/addressbook .php,src/ compose. php folders_ create. php,src/ folders_ delete. php,src/ folders. php, folders_ rename_ do.php, src/folders_ rename_ getname. php, folders_ subscribe. php,functions/ forms.php, mailbox_ display. php,src/ move_messages. php, options_ highlight. php,src/ options_ identities. php, options_ order.php, src/options. php,src/ search. php, strings. php,src/ vcard.php www.squirrelmai l.org/security/ issue/2009- 08-12
* Multiple cross-site request forgery (CSRF) in all
forms submissions
* edited:
src/
src/
src/
src/
functions/
src/
src/
functions/
* Fixes : CVE-2009-2964
- http://
- patches taken from upstream rev 13818
- patches applied inline
-- Leonel Nunez <email address hidden> Sun, 11 Oct 2009 21:33:16 -0600