-
Committer:
Bazaar Package Importer
-
Author(s):
Thijs Kinkhorst
-
Date:
2006-03-07 14:56:06 UTC
-
mfrom:
(1.1.3 upstream)
-
Revision ID:
james.westby@ubuntu.com-20060307145606-be8oxugkhuyu1e4x
Tags: 2:1.4.6-1
* New upstream release.
* Includes the following security fixes:
  - Fix IMAP command injection in sqimap_mailbox_select
    with upstream patch. [CVE-2006-0377] (Closes: #354063)
  - Fix possible XSS in MagicHTML, concerning the parsing
    of u\rl and comments in styles. Internet Explorer
    specific. [CVE-2006-0195] (Closes: #354062)
  - Fix possible cross site scripting through the right_main
    parameter of webmail.php. This now uses a whitelist of
    acceptable values. [CVE-2006-0188] (Closes: #354064, #355424)