HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Server Operation (
-   -   Warning - SquirrelMail security issue! (

wpwood3 19th December 2007 22:54

Warning - SquirrelMail security issue!
The SquirrelMail team announced on Dec 14, 2007 that there was a package compromise of versions 1.4.11 and 1.4.12. Hackers gained access to the package repository and made modifications to the release packages.

If you are running one of these versions you should upgrade to 1.4.13 immediately.

More info on the SquirrelMail website:

chipsafts 20th December 2007 00:18

We are running SquirrelMail 1.4.6-3 on a RH9 server and none of our yum's have a later version.
How can we update the SquirrelMail to 1.4.13 or are we better off not trying?

wpwood3 20th December 2007 00:30

Only versions 1.4.11 and 1.4.12 have the security so you can stick with 1.4.6 if you want to.

Upgrading SquirrelMail is not a big deal. I just upgraded my 1.4.11 by simply downloading version 1.4.13 from the SquirrelMail website and overwriting the old files with the new ones.

chipsafts 20th December 2007 02:16

huh? overwriting which old file with new ones?

Interesting and a bit disconcerning that RPMFind's latest version for any system is 1.4.10a-17.4 , which makes me wonder if there are not oodles of configuration or usability problems with the latest versions.

All times are GMT +2. The time now is 03:22.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.