projects / squirrelmail.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
update mailbox cache if new folders are created (first time login when
[squirrelmail.git] / ReleaseNotes
diff --git a/ReleaseNotes b/ReleaseNotes
index 3863ea32c1963836c4bd29b4eaac555dfb194a24..bbb0d15d44602de55e550c2ef913ed74a0a189af 100644 (file)
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -64,6 +64,9 @@ release:
  CVE-2005-0104 - Possible XSS issues in src/webmail.php.
  CVE-2005-1769 - Several cross site scripting (XSS) attacks.
  CVE-2005-2095 - Extraction of all POST variables in advanced identity code.
  CVE-2005-0104 - Possible XSS issues in src/webmail.php.
  CVE-2005-1769 - Several cross site scripting (XSS) attacks.
  CVE-2005-2095 - Extraction of all POST variables in advanced identity code.
+ CVE-2006-0188 - Possible XSS through right_frame parameter in webmail.php.
+ CVE-2006-0195 - Possible XSS in MagicHTML, IE only.
+ CVE-2006-0377 - IMAP injection in sqimap_mailbox_select mailbox parameter.
 
 If you use SquirrelMail 1.5.0, you should upgrade to 1.5.1 or downgrade to latest
 stable SquirrelMail version.
 
 If you use SquirrelMail 1.5.0, you should upgrade to 1.5.1 or downgrade to latest
 stable SquirrelMail version.
Unnamed repository; edit this file 'description' to name the repository.