> |>Regarding the amount of attendance, we are asking ourselves, how much > |>security-updates have been released during the last year. Is there any > |>list, where one could find out? > | > | > | Not really. We are talking about being more intentional about that, but > | if you want to be the safest, use a snapshot of the CVS code from the > | STABLE branch (currently 1.4.4) and you'll be up to date. > | > > I didn't want a list, showing pending vulnarabilites in SM (dont't > guess there are too much). Just wanted to know, how often we need to > update SM to have a secure version. > But due to the fact, that SuSE (the distribution we use) is offering > SM as an RPM, we'll be save enough to use their rpm, which is > maintained by YOU,
http://www.securityfocus.com/bid/vendor/ There are search options for SquirrelMail. If you use SLES, you should ask suse representatives about support options. If you use free version of SUSE Linux, SUSE has six months update cycle. But they still provide security patches for older versions. Some suse representative can say more. In case of squirrelmail suse 8.1-9.1 versions should include patches for vulnerabilities fixed in 1.4.3a release. I don't see fixes for latest xss fix. -- Tomas ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ -- squirrelmail-users mailing list Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines List Address: [EMAIL PROTECTED] List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
