Fredrik Jervfors schrieb: > "richard@xxxxxxxxxxxxxx": >> "Jon Angliss": >>> Due to the package compromise of 1.4.11, and 1.4.12, we are forced to >>> release 1.4.13 to ensure no confusions. >> >> When and in which way was 1.4.11 compromised? This came to me as a >> surprise since all the other posts only mentioned 1.4.12?! >> >> My 1.4.11 setup doesn't have the known HTTP_BASE_PATH manipulation, but >> I took it offline nonetheless. Problem is, however, that 1.4.13 doesn't >> work for me (see other post), so for the moment the users who rely on >> webmail here don't have access to their mail. >> >> Can I take my 1.4.11 setup online again or are there other security >> issues? > > 1.4.11 was, as far as I know, compromised 2007-11-24. If your packet was > downloaded prior to that date there shouldn't be any problems using it. > Still, I advice everyone to upgrade to 1.4.13 if possible. with Pauls patch 1.4.13 should work for Richard. But be careful to attach the second (slightly changed) one. Roland. ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
