914bc2a8a8
There is a cross site scripting issue in the decoding of encoded text in certain headers. SquirrelMail correctly decodes the specially crafted header, but doesn't sanitize the decoded strings. http://article.gmane.org/gmane.mail.squirrelmail.user/21169
6 lines
306 B
Text
6 lines
306 B
Text
$NetBSD: distinfo,v 1.21 2004/11/16 14:18:01 martti Exp $
|
|
|
|
SHA1 (squirrelmail-1.4.3a.tar.bz2) = 8cb22905ddedbe94c9a174d12074263ce84c9a27
|
|
Size (squirrelmail-1.4.3a.tar.bz2) = 2254039 bytes
|
|
SHA1 (patch-aa) = b850165c4ed863faca1b8786e43c2cc16abba060
|
|
SHA1 (patch-ab) = c994d1287465f4b3ffa79d1e9c0f27c50ce27aa6
|