Changelog
squirrelmail (2:1.4.10a-2~dapper1) dapper-backports; urgency=low
* Automated backport upload; no source changes.
squirrelmail (2:1.4.10a-2) unstable; urgency=low
* Make use of new dictionaries-common SquirrelMail interface to
detect the installed squirrelspell dictionaries (Closes: #420877).
* Remove obsolete upgrading code.
* Make sure config files are not closed with '?>' since it's then
too easy to get stray whitespace at the end of the file.
squirrelmail (2:1.4.10a-1) unstable; urgency=high
* New upstream security release.
- Fixes cross site scripting in the HTML filter [CVE-2007-1262]
- Tweaks SMTP error message display (Closes: #403705).
- Fixes address duplication on reply-all (Closes: #408242).
squirrelmail (2:1.4.9a-1) unstable; urgency=high
* New upstream security release.
- Additionally tightens HTML filter for IE <= 5 parsing
absolutely everything and its horse.
squirrelmail (2:1.4.9-1) unstable; urgency=high
* New upstream bugfix release.
- Includes cross site scripting security fix [CVE-2006-6142].
- Includes Internet Explorer security issue workaround.
- Fixes misspelled constant (Closes: #401022)
squirrelmail (2:1.4.8-3) unstable; urgency=low
* Add note to README.Debian about server side sorting (Closes: #394286)
and regular_globals not being supported.
* Add IfModule conditionals for register_globals setting in
apache.conf (Closes: #398173).
squirrelmail (2:1.4.8-2) unstable; urgency=low
* Update Debian patch to display options to cope with the custom
charset plugin. Thanks Tomas Kuliavas, Closes: #385300.
* Suggest php[45]-ldap, Closes: #392306.
* Improve package description.
-- Scott Kitterman <email address hidden> Fri, 20 Jul 2007 10:22:13 +0100
