On 2016年11月18日 13:21, rich.greder@xxxxxxxxxxxx wrote: > I noticed on the page: > > http://squirrelmail.org/wiki/PatchingSquirrelMail > > That if I'm using RPM, I should update via RPM. Does that suggestion extend to any package manager, such as apt in my case as I am running an OS (Ubuntu) that is a variant of Debian? Yes. The point is that you shouldn't try to mix and match installation/update processes. > Also, the current installed version is identified by apt as being: > > squirrelmail/xenial,xenial,now 2:1.4.23~svn20120406-2ubuntu1 > > Which postdates the most recent issue (CVE-2012-0323) in the patch by a couple weeks. That makes me question the efficacy of the patch. Is it certain that this patch can in fact correct this issue, even though my installation version is newer? Many times third party packages include patches that postdate the version that they forked from us. You could try asking in the Ubuntu community. -- Paul Lesniewski SquirrelMail Team Please support Open Source Software by donating to SquirrelMail! http://squirrelmail.org/donate_paul_lesniewski.php ------------------------------------------------------------------------------ ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
