Gentoo Security Advisory GLSA 200411-25 (SquirrelMail)

The remote host is missing updates announced in advisory GLSA 200411-25.
All SquirrelMail users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/squirrelmail-1.4.3a-r2' Note: Users with the vhosts USE flag set should manually use webapp-config to finalize the update.
Squirrelmail fails to properly sanitize user input, which could lead to a compromise of webmail accounts.