[Bug 949909] New: Several bugs in PostfixAdmin 2.3.7
http://bugzilla.novell.com/show_bug.cgi?id=949909 Bug ID: 949909 Summary: Several bugs in PostfixAdmin 2.3.7 Classification: openSUSE Product: openSUSE 13.1 Version: Final Hardware: Other OS: openSUSE 13.1 Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: bnc-team-screening@forge.provo.novell.com Reporter: suse-beta@cboltz.de QA Contact: qa-bugs@suse.de Found By: Beta-Customer Blocker: --- PostfixAdmin 2.3.7 contains several bugs, which are fixed in 2.3.8: - don't prefill username in users/ login on failed logins - fixes (probably harmless) XSS - fix show_gen_status() to properly escape mail addresses in query (#356) - fix escaping in create-admin, create-mailbox and fetchmail templates - fixes (harmless) XSS on form validation errors - don't echo the password back to the browser in the fetchmail form There's also the usual post-release fix ;-) - this time: - enforce $CONF[min_password_length] in create-mailbox This affects only PostfixAdmin <= 2.3.7 and therefore only openSUSE 13.1. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=949909
http://bugzilla.novell.com/show_bug.cgi?id=949909#c1
Christian Boltz
http://bugzilla.novell.com/show_bug.cgi?id=949909
http://bugzilla.novell.com/show_bug.cgi?id=949909#c2
--- Comment #2 from Bernhard Wiedemann
http://bugzilla.novell.com/show_bug.cgi?id=949909
Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=949909
http://bugzilla.novell.com/show_bug.cgi?id=949909#c5
--- Comment #5 from Swamp Workflow Management
http://bugzilla.novell.com/show_bug.cgi?id=949909
Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com