2018-04-02 17:45:19
squirrelmail RPM update, fix file disclosure vuln presented at Troopers 2018 (#TR18)
It seems that Red Hat won't fix the #TR18 vulnerability in squirrelmail.
The tuxad repo has now an update of squirrelmail which includes the "dagbrown patch". The package version string is 1.4.8-21.el5_11.1.
News history tuxad repository:
- 2016/10 More packages recompiled against OpenSSL 1
- 2016/05 RHEL 5 RPM packages with SSL enhancements
- 2016/03 Enhanced encryption for dovecot on RHEL/CentOS 5
- 2015/04 tuxad yum package repository for RHEL / CentOS 5 x86_64
- 2014/12 YUM repository for RHEL / CentOS 5
- 2014/11 OpenSSL updates/enhancements for RHEL / Centos 5