Next | Query returned 1 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2017-04-20 20:27:26 by Benny Siegert | Files touched by this commit (3)
Log message:
Pullup ticket #5333 - requested by maya
mail/squirrelmail: security fix

Revisions pulled up:
- mail/squirrelmail/Makefile                                    1.132
- mail/squirrelmail/distinfo                                    1.68
- mail/squirrelmail/patches/patch-class_deliver_Deliver__SendMail.class.php 1.1

---
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Wed Apr 19 17:10:18 UTC 2017

   Modified Files:
           pkgsrc/mail/squirrelmail: Makefile distinfo
   Added Files:
           pkgsrc/mail/squirrelmail/patches:
               patch-class_deliver_Deliver__SendMail.class.php

   Log message:
   squirrelmail: patch remote code execution (CVE-2017-7692)
   separately escape tainted input before feeding it into popen.
   https://www.wearesegment.com/research/Squirrelmail-Remote-Code-Execution.html

   patch from Filipo Cavallarin@wearesegment, who also found the vulnerability.
   bump PKGREVISION

Next | Query returned 1 messages, browsing 1 to 10 | previous