document cve's

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@10614 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/ChangeLog b/ChangeLog
index a6d374382f6aae7579dffcf1c1752d200e7985a7..6acfc9ab1c5c51bb64dcc46d235fcc1a5681a595 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -511,14 +511,17 @@ Version 1.5.1 -- CVS
   - Fixed character wrapping/encoding issues in Japanese translation (#1377622). 
     Issue is specific to sqBodyWrap() and string function wrappers introduced in 
     1.5.1.
   - Fixed character wrapping/encoding issues in Japanese translation (#1377622). 
     Issue is specific to sqBodyWrap() and string function wrappers introduced in 
     1.5.1.

-  - MagicHTML fix for comments in styles.
+  - Security: MagicHTML fix for comments in styles which allowed
+    for cross site scripting when using Internet Explorer
+    [CVE-2006-0195].

   - Added 'mail' and 'sn' attributes to address book LDAP backend search
     expression (#1368154).
   - Added mailbox caching code by Michael Long.
   - Prevent output of whitespace during plugin activation. Fixes possible 
     attachment corruption by incorrectly coded plugins.
   - Fixed data sanitizing in calendar plugin (#1291081)(#705796).
   - Added 'mail' and 'sn' attributes to address book LDAP backend search
     expression (#1368154).
   - Added mailbox caching code by Michael Long.
   - Prevent output of whitespace during plugin activation. Fixes possible 
     attachment corruption by incorrectly coded plugins.
   - Fixed data sanitizing in calendar plugin (#1291081)(#705796).

-  - Prohibit imap injection attempts (reported by Vicente Aguilera)
+  - Security: Prohibit imap injection attempts (reported by Vicente Aguilera)
+    [CVE-2006-0377].

   - Don't move messages in sqimap_msgs_list_move() function call, when target
     mailbox is same as source mailbox. Adds fifth argument to 
     sqimap_msgs_list_move() function. Fixes possible issues on MacOS Cyrus
   - Don't move messages in sqimap_msgs_list_move() function call, when target
     mailbox is same as source mailbox. Adds fifth argument to 
     sqimap_msgs_list_move() function. Fixes possible issues on MacOS Cyrus

diff --git a/ReleaseNotes b/ReleaseNotes
index 3863ea32c1963836c4bd29b4eaac555dfb194a24..bbb0d15d44602de55e550c2ef913ed74a0a189af 100644 (file)
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -64,6 +64,9 @@ release:
  CVE-2005-0104 - Possible XSS issues in src/webmail.php.
  CVE-2005-1769 - Several cross site scripting (XSS) attacks.
  CVE-2005-2095 - Extraction of all POST variables in advanced identity code.
  CVE-2005-0104 - Possible XSS issues in src/webmail.php.
  CVE-2005-1769 - Several cross site scripting (XSS) attacks.
  CVE-2005-2095 - Extraction of all POST variables in advanced identity code.

+ CVE-2006-0188 - Possible XSS through right_frame parameter in webmail.php.
+ CVE-2006-0195 - Possible XSS in MagicHTML, IE only.
+ CVE-2006-0377 - IMAP injection in sqimap_mailbox_select mailbox parameter.

 
 If you use SquirrelMail 1.5.0, you should upgrade to 1.5.1 or downgrade to latest
 stable SquirrelMail version.
 
 If you use SquirrelMail 1.5.0, you should upgrade to 1.5.1 or downgrade to latest
 stable SquirrelMail version.