On Tuesday 23 September 2008 22:54, Stefan Fritsch wrote: > Squirrelmail does not set the secure flag for its session cookie when > accessed over https. See > > http://int21.de/cve/CVE-2008-3663-squirrelmail.html
Thanks - I'm aware of the issue and upstream is working to provide an adequate patch. cheers, Thijs
pgpHagSGy6Aud.pgp
Description: PGP signature