On Fri, Mar 03, 2006 at 09:51:25PM -0500, Paul wrote: > On Fri, March 3, 2006 9:21 pm, Michal Jaegermann wrote: > > On Fri, Mar 03, 2006 at 08:51:05PM -0500, Paul wrote: > >> Anyhow, I have verified the latest squirrelmail 1.4.5-1 fixes this bug. > > > > The latest one is squirrelmail-1.4.6-1. Well, for FC4 but it will > > recompile anyway and it is fixing security issues. Is the above a typo? > > No typo. I assume 1.4.5-1 fixes security bugs in 1.4.5 for Core 1,2,3. No, it does not. This is from a changelog: * Wed Mar 01 2006 David Woodhouse <dwmw2@xxxxxxxxxx> 1.4.6-1 - Upgrade to 1.4.6 proper for CVE-2006-0377 CVE-2006-0195 CVE-2006-0188 Note "2006". New security problems were revealed in the meantime. > Now, this is for legacy. Does not help unless you backport security fixes and I am not even going to try with PHP. Michal -- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
