ANNOUNCE: SquirrelMail 1.4.16 Released
Sep 28, 2008 by Thijs Kinkhorst
|
|
The SquirrelMail team is happy to announce the release 1.4.16. The most notable change is that cookies are now sent with the secure attribute set for HTTPS-connections, meaning that they cannot leak to an HTTP-connection on the same SquirrelMail installation. For details see the included ReleaseNotes. We advise users that offer their SquirrelMail both over HTTP and HTTPS to upgrade.
download here |
ANNOUNCE: SquirrelMail 1.4.15 Released
May 23, 2008 by Thijs Kinkhorst
|
|
We are proud to release SquirrelMail 1.4.15, containing an assortment of bugfixes accumulated since the release of 1.4.13. We've skipped the 1.4.14 version number because that one has been abused by spammers (see below). This release can as usual be found on our download page. Happy SquirrelMailing! |
ANNOUNCE: SquirrelMail 1.4.15 RC 1 Released
May 12, 2008 by Thijs Kinkhorst
|
|
The SquirrelMail developers are happy to release the first Release Candidate for the upcoming 1.4.15 stable release. A release candidate is intended as the final public verification that a version is all right before it's declared "stable". Please try it out and report any bugs to us. See our download page for more information. |
SECURITY: Spam Alert Update
Mar 27, 2008 by Fredrik Jervfors
|
|
Apparently the spammer mentioned in the previous news item has taken things a step further. Now mails about upgrading to SquirrelMail 1.4.14-rc1 are being sent out. Note that there's no such version available at this project's download page, simply because we haven't released such a version! Don't fall for the scam and install software written by a spammer. We cannot stress this enough. Installing software modified by a spammer is harmful for your system, so just don't do it. Always use our download page or your distribution's package manager to get ahold of updated versions of SquirrelMail. |
SECURITY: Spam Alert
Mar 05, 2008 by Paul Lesniewski
|
|
We'd like to alert the community to the fact that, along with the long-standing spam issue detailed in our Administrator's Manual, there has been some spam circulating in the last several days that claims to be a package update notification from the SquirrelMail Team similar to the previous news item below. The message contains a link to a spoofed SquirrelMail login page that appears to harvest email addresses and passwords and then redirect back to squirrelmail.org. Please note that the SquirrelMail Team NEVER sends out direct, unsolicited messages, and will NEVER ask for your username, email address, or password. The only messages you'll ever get directly from the SquirrelMail Team are ones that come on one of our several mailing lists that require subscription. |
ANNOUNCE: SquirrelMail 1.4.13 Released
Dec 14, 2007 by Jonathan Angliss
|
|
Due to the package compromise of 1.4.11, and 1.4.12, we are forced to
release 1.4.13 to ensure no confusions. While initial review didn't
uncover a need for concern, several proof of concepts show that the
package alterations introduce a high risk security issue, allowing
remote inclusion of files. These changes would allow a remote user the
ability to execute exploit code on a victim machine, without any user
interaction on the victim's server. This could grant the attacker the
ability to deploy further code on the victim's server.
We STRONGLY advise all users of 1.4.11, and 1.4.12 upgrade
immediately. |
|
Plugin Updates
Password Forget
v2.2 on Nov 3, 2008
Login Aliases
v2.5 on Nov 1, 2008
Cleanup
v0.3 on Oct 6, 2008
Reset User Preferences
v1.1 on Sep 23, 2008
S/MIME Verification
v0.7 on Sep 20, 2008
Mark Read
v2.0 on Aug 27, 2008
Empty Folders
v2.0 on Aug 18, 2008
Compatibility
v2.0.13 on Jul 27, 2008
Login Manager
v3.10 on Jul 27, 2008
Multilogin
v2.4 on Jul 27, 2008
Address Book Grouping and Pagination
v1.1 on Jul 20, 2008
Message Flags & Icons
v1.4.15a on Jul 19, 2008
|
|
|
