openSUSE Recommended Update: Recommended update for PostfixAdmin ______________________________________________________________________________ Announcement ID: openSUSE-RU-2015:1724-1 Rating: moderate References: #949909 Affected Products: openSUSE 13.1 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: PostfixAdmin was updated to 2.3.8 to deliver bugs fixed upstream. * don't prefill username in users/ login on failed logins - fixes (probably harmless) XSS * properly escape mail addresses in query (#356) * fix escaping in create-admin, create-mailbox and fetchmail templates * fixes (harmless) XSS on form validation errors * don't echo the password back to the browser in the fetchmail form * enforce minimum password length in create-mailbox Patch Instructions: To install this openSUSE Recommended Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2015-654=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (noarch): postfixadmin-2.3.8-5.7.1 References: https://bugzilla.suse.com/949909