On Tuesday 23 September 2008 22:54, Stefan Fritsch wrote:
> Squirrelmail does not set the secure flag for its session cookie when
> accessed over https. See
>
> http://int21.de/cve/CVE-2008-3663-squirrelmail.html

Thanks - I'm aware of the issue and upstream is working to provide an adequate 
patch.


cheers,
Thijs

Attachment: pgpHagSGy6Aud.pgp
Description: PGP signature

Reply via email to