[ol5_u10_base] squirrelmail-1.4.8-21.0.2.el5.noarch

Name:	squirrelmail
Version:	1.4.8
Release:	21.0.2.el5
Architecture:	noarch
Group:	Applications/Internet
Size:	16897160
License:	GPL
RPM:	squirrelmail-1.4.8-21.0.2.el5.noarch.rpm
Source RPM:	squirrelmail-1.4.8-21.0.2.el5.src.rpm
Build Date:	Thu Jan 10 2013
Build Host:	ca-build56.us.oracle.com
Vendor:	Oracle America
URL:	http://www.squirrelmail.org/
Summary:	SquirrelMail webmail client
Description:	SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation.

Changelog (Show File list) (Show related packages)

Thu Jan 10 2013 Srinivas Maturi <srinivas.maturi@oracle.com> - 1.4.8-21.0.2.el5
```
- remove Redhat splash screen images from source
```
Wed Jan 09 2013 Srinivas Maturi <srinivas.maturi@oracle.com> - 1.4.8-21.0.1.el5
```
- remove Redhat splash screen images
- add README instead of README.RedHat
```
Wed Jul 04 2012 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-21
```
- change charset for zh_CN and zh_TW to utf-8 (#508686)
```

Tue Jun 26 2012 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-20

- fix header encoding issue (#241861)
- fix code producing warnings in the log (#475188)

Thu Jun 21 2012 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-19

- patch for CVE-2010-2813 modified wrong file (#808598)
- correct requirement is mod_php not php (#789353)
- comply with RFC2822 line length limits (#745469)
- document that SELinux boolean httpd_can_sendmail needs to be 
  turned on (#745380)
- add support for big UIDs on 32bit machines (#450780)
- do not corrupt html attachments (#359791)

Wed Feb 01 2012 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-18
```
- fix typo in CVE-2010-4555 patch
```
Thu Oct 13 2011 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-17
```
- patch for CVE-2010-2813 was not complete
```

Thu Sep 15 2011 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-16

- fix: CVE-2010-1637 : Port-scans via non-standard POP3 server ports in 
  Mail Fetch plugin
- fix: CVE-2010-2813 : DoS (disk space consumption) by random IMAP login 
  attempts with 8-bit characters in the password
- fix: CVE-2010-4554 : Prone to clickjacking attacks
- fix: CVE-2010-4555 : Multiple XSS flaws
- fix: CVE-2011-2023 : XSS in <style> tag handling
- fix: CVE-2011-2752 : CRLF injection vulnerability
- fix: CVE-2011-2753 : CSRF in the empty trash feature and in Index Order page

Tue Oct 06 2009 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-15

- fix: CVE-2009-2964 : CSRF issues in all forms - extend to all forms

Wed Sep 30 2009 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-14

- fix: CVE-2009-2964 : CSRF issues in all forms - add missing parts

Wed Sep 16 2009 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-13
```
- fix: CVE-2009-2964 : CSRF issues in all forms
```
Fri May 22 2009 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-12
```
- fix broken patch for CVE-2009-1579
```
Thu May 21 2009 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-11
```
- fix broken patch for CVE-2009-1579
```
Fri May 15 2009 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-10
```
- don't ship patch backup files
```

Fri May 15 2009 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-9

- fix: CVE-2009-1581 : CSS positioning vulnerability
- fix: CVE-2009-1579 : Server-side code injection in map_yp_alias username map
- fix: CVE-2009-1578 : Multiple cross site scripting issues

Sun Jan 18 2009 Tomas Hoger <thoger@redhat.com> - 1.4.8-8

- Update patch for CVE-2008-3663 to fix a session handling regression (#480224)

Tue Dec 02 2008 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-7

- Resolves: CVE-2008-2379
- fix XSS issue caused by an insufficient html mail sanitation

Thu Nov 29 2007 Michal Hlavinka <mhlavink@redhat.com> - 1.4.8-6

- don't transmit cookies under non-SSL connections if the session
  is started under an SSL (https) connection
- Resolves: CVE-2008-3663, #473291
- skip release number 5 to make release bigger than Z-stream

Fri May 11 2007 Martin Bacovsky <mbacovsk@redhat.com> - 1.4.8-4.1

- resolves: #239649: CVE-2007-1262 squirrelmail cross-site scripting flaw

Tue Jan 23 2007 Warren Togami <wtogami@redhat.com> 1.4.8-4
```
- Clean up .orig files (#223648)
```
Tue Jan 16 2007 Warren Togami <wtogami@redhat.com> 1.4.8-3
```
- CVE-2006-6142
```
Wed Aug 16 2006 Warren Togami <wtogami@redhat.com> 1.4.8-2
```
- more Japanese filename fixes (#195639)
```
Sat Aug 12 2006 Warren Togami <wtogami@redhat.com> 1.4.8-1
```
- 1.4.8 release with CVE-2006-4019 and upstream bug fixes
```
Wed Jul 19 2006 Warren Togami <wtogami@redhat.com> 1.4.7-5
```
- More JP translation updates (#194598)
```
Tue Jul 11 2006 Warren Togami <wtogami@redhat.com> 1.4.7-4
```
- Fix fatal typo in config_local.php (#198306)
```

Mon Jul 10 2006 Warren Togami <wtogami@redhat.com> 1.4.7-2

- Move sqspell_config.php to /etc and mark it %config(noreplace) (#192236)

Sat Jul 08 2006 Warren Togami <wtogami@redhat.com> 1.4.7-1

- 1.4.7 with CVE-2006-3174
- Reduce patch for body text (#194457)
- Better JP translation for "Check mail" (#196117)

Sat Jun 24 2006 Warren Togami <wtogami@redhat.com> 1.4.6-8

- Japanese zenkaku subject conversion      (#196017)
- Japanese MSIE garbled download ugly hack (#195639)
- Japanese multibyte attachment view text  (#195452)
- Japanese multibyte attachment body text  (#194457)
- Do not convert Japanese Help to UTF-8    (#194599)

Thu Jun 08 2006 Warren Togami <wtogami@redhat.com> 1.4.6-7
```
- CVE-2006-2842 File Inclusion Vulnerability
```
Tue Jun 06 2006 Warren Togami <wtogami@redhat.com> 1.4.6-6
```
- buildreq gettext (194169)
```
Wed Apr 05 2006 Warren Togami <wtogami@redhat.com> 1.4.6-5
```
- Fix Chinese and Korean too
```

Sat Mar 25 2006 Warren Togami <wtogami@redhat.com> 1.4.6-4

- Fix outgoing Japanese mail to iso-2022-jp for now (#185767)

Sat Mar 04 2006 Warren Togami <wtogami@redhat.com> 1.4.6-3
```
- Fix regex in doc mangling (#183943 Michal Jaegermann)
```

Sat Mar 04 2006 David Woodhouse <dwmw2@redhat.com> 1.4.6-2

- Add a %build section, move the file mangling to it.
  (#162852 Nicolas Mailhot)

Thu Mar 02 2006 David Woodhouse <dwmw2@redhat.com> 1.4.6-1

- Upgrade to 1.4.6 proper for CVE-2006-0377 CVE-2006-0195 CVE-2006-0188
- Script the charset changes instead of using a patch
- Convert the ko_KR files to UTF-8, dropping invalid characters from
  what's theoretically supposed to be EUC-KR in the original.

Wed Jan 18 2006 Warren Togami <wtogami@redhat.com> 1.4.6-0.cvs20050812.3
```
- do not remove mo files
- require php-mbstring
```
Sat Dec 10 2005 Jesse Keating <jkeating@redhat.com>
```
- rebuilt
```

Tue Sep 13 2005 David Woodhouse <dwmw2@redhat.com> 1.4.6-0.cvs20050812.2

- Convert all locales to UTF-8 instead of legacy character sets to
  work around bug #162852. Except for ko_KR, because iconv doesn't
  believe its help files are actually in EUC-KR as claimed.

Mon Aug 15 2005 Warren Togami <wtogami@redhat.com> 1.4.6-0.cvs20050812.1

- snapshot of 1.4.6 because 1.4.5 upstream was a bad release
  this hopefully will also work on PHP5 too...

Tue Jun 21 2005 Warren Togami <wtogami@redhat.com> 1.4.5-0.rc1
```
- 1.4.5-0.rc1
```

Fri Jan 28 2005 Warren Togami <wtogami@redhat.com> 1.4.4-2

- 1.4.4
- re-include translations and Provide squirrelmail-i18n
  better compatible with upstream, but we cannot split sub-package
  due to support of existing distributions
- remove unnecessary .po files

Sat Nov 20 2004 Warren Togami <wtogami@redhat.com> 1.4.3a-7

- CAN-2004-1036 Cross Site Scripting in encoded text
- #112769 updated splash screens

Fri Oct 15 2004 Warren Togami <wtogami@redhat.com> 1.4.3a-5

- default_folder_prefix dovecot compatible by default
  /etc/squirrelmail/config_local.php if you must change it

Thu Oct 14 2004 Warren Togami <wtogami@redhat.com> 1.4.3a-4

- HIGASHIYAMA Masato's patch to improve Japanese support
  (coordinated by Scott A. Hughes).
- real 1.4.3a tarball

Wed Sep 22 2004 Gary Benson <gbenson@redhat.com> 1.4.3-3
```
- rebuilt.
```

Wed Sep 01 2004 Warren Togami <wtogami@redhat.com> 1.4.3-2

- #125638 config_local.php and default_pref in /etc/squirrelmail/
  to match upstream RPM.  This should allow smoother drop-in
  replacements and upgrades.
- other spec cleanup.

Tue Jun 08 2004 Gary Benson <gbenson@redhat.com> 1.4.3-1

- upgrade to 1.4.3a.
- retain stuff after version when adding release to it.

Thu Jun 03 2004 Gary Benson <gbenson@redhat.com>
```
- upgrade to 1.4.3.
```
Sat Feb 14 2004 Elliot Lee <sopwith@redhat.com>
```
- rebuilt.
```
Thu Jan 22 2004 Gary Benson <gbenson@redhat.com> 1.4.2-2
```
- fix calendar plugin breakage (#113902).
```

Fri Jan 09 2004 Gary Benson <gbenson@redhat.com> 1.4.2-1

- upgrade to 1.4.2.
- tighten up permissions on /etc/squirrelmail/config.php (#112774).

Tue May 13 2003 Gary Benson <gbenson@redhat.com> 1.4.0-1

- upgrade to 1.4.0.
- fix links in /usr/share/doc/squirrelmail-X.Y.Z/index.html (#90269).

Tue Mar 25 2003 Gary Benson <gbenson@redhat.com> 1.2.11-1
```
- upgrade to 1.2.11 to fix CAN-2003-0160.
```

Tue Feb 11 2003 Gary Benson <gbenson@redhat.com> 1.2.10-4

- fix syntax error in download.php (#82600).
- resized splash screen to be the same size as the one it replaces
  (#82790)
- remove piece of squirrelmail-1.2.10-xss.patch that changed the
  version from '1.2.10' to '1.2.11 [cvs]'

Thu Jan 23 2003 Tim Powers <timp@redhat.com> 1.2.10-3
```
- rebuilt
```
Thu Jan 16 2003 Tim Powers <timp@redhat.com> 1.2.10-2
```
- bump and rebuild
```

Tue Dec 10 2002 Gary Benson <gbenson@redhat.com> 1.2.10-1

- patch to fix CAN-2002-1341 (#78982) and CAN-2002-1276 (#79147).

Wed Dec 04 2002 Elliot Lee <sopwith@redhat.com> 1.2.8-2
```
- fix prep macro in changelog
```

Sat Sep 21 2002 Gary Benson <gbenson@redhat.com> 1.2.8-1

- upgrade to 1.2.8 to fix CAN-2002-1131 and CAN-2002-1132 (#74313)

Wed Aug 07 2002 Preston Brown <pbrown@redhat.com> 1.2.7-4
```
- replacement splash screen.
```

Tue Jul 23 2002 Gary Benson <gbenson@redhat.com> 1.2.7-3

- get rid of long lines in the specfile.
- remove symlink in docroot and use an alias in conf.d instead.
- work with register_globals off (#68669)

Wed Jul 10 2002 Gary Benson <gbenson@redhat.com> 1.2.7-2

- hardwire the hostname (well, localhost) into the config file (#67635)

Tue Jun 25 2002 Gary Benson <gbenson@redhat.com> 1.2.7-1

- hardwire the locations into the config file and cron file.
- install squirrelmail-cleanup.cron as squirrelmail.cron.
- make symlinks relative.
- upgrade to 1.2.7.
- more dependency fixes.

Sat Jun 22 2002 Gary Benson <gbenson@redhat.com>

- summarize the summary, fix deps, and remove some redundant stuff.
- tidy up the prep section.
- replace directory definitions with standard RHL ones.

Sat Jun 22 2002 Tim Powers <timp@redhat.com> 1.2.6-3
```
- automated rebuild
```

Thu Jun 20 2002 Preston Brown <pbrown@redhat.com> 1.2.6-2

- adopted Konstantin Riabitsev <icon@duke.edu>'s package for Red Hat
  Linux.  Nice job Konstantin!