Mailinglist Archive: opensuse-updates (61 mails)

< Previous Next >
openSUSE-RU-2015:1724-1: moderate: Recommended update for PostfixAdmin
openSUSE Recommended Update: Recommended update for PostfixAdmin

Announcement ID: openSUSE-RU-2015:1724-1
Rating: moderate
References: #949909
Affected Products:
openSUSE 13.1

An update that has one recommended fix can now be installed.


PostfixAdmin was updated to 2.3.8 to deliver bugs fixed upstream.

* don't prefill username in users/ login on failed logins - fixes
(probably harmless) XSS
* properly escape mail addresses in query (#356)
* fix escaping in create-admin, create-mailbox and fetchmail templates
* fixes (harmless) XSS on form validation errors
* don't echo the password back to the browser in the fetchmail form
* enforce minimum password length in create-mailbox

Patch Instructions:

To install this openSUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2015-654=1

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 13.1 (noarch):



< Previous Next >
This Thread
  • No further messages