From owner-freebsd-ports  Mon Apr 22 11:53:52 2002
Delivered-To: freebsd-ports@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 8A55637B426
	for <freebsd-ports@hub.freebsd.org>; Mon, 22 Apr 2002 11:53:05 -0700 (PDT)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g3MGU1f74752;
	Mon, 22 Apr 2002 09:30:01 -0700 (PDT)
	(envelope-from gnats)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 2249C37B435
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 22 Apr 2002 09:20:54 -0700 (PDT)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g3MG52g65859;
	Mon, 22 Apr 2002 09:05:02 -0700 (PDT)
	(envelope-from nobody)
Message-Id: <200204221605.g3MG52g65859@freefall.freebsd.org>
Date: Mon, 22 Apr 2002 09:05:02 -0700 (PDT)
From: Martin Perry <martin@raq.cx>
To: freebsd-gnats-submit@freebsd.org
X-Send-Pr-Version: www-1.0
Subject: ports/37345: Port Update Request: mail/imp: 2.2.7 -> 2.2.8 or 3.1
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ports.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ports>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ports>
X-Loop: FreeBSD.org


>Number:         37345
>Category:       ports
>Synopsis:       Port Update Request: mail/imp: 2.2.7 -> 2.2.8 or 3.1
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 22 09:30:01 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Martin Perry
>Release:        4.5-RELEASE-p4
>Organization:
>Environment:
FreeBSD dream.raq.cx 4.5-RELEASE-p4 FreeBSD 4.5-RELEASE-p4 #3: Mon Apr 22 14:39:08 BST 2002     martin@dream.raq.cx:/usr/obj/usr/src/sys/GENERIC  i386

>Description:
      Would it be possible to update the IMP port to the latest version, apparantely there is a security problem with 2.2.7 the current version in the ports tree. Here's a quote from the authors web site:

2002-04-06

IMP 2.2.8 and Horde 1.2.8 (SECURITY) have been released.

Download from ftp://ftp.horde.org/pub/horde/ and ftp://ftp.horde.org/pub/imp/ 
This version prevents some potential cross-site scripting (CSS) attacks. If an upgrade to IMP 3 is not possible, administrators of IMP 2.2.x production systems are encouraged to upgrade to prevent this attack against your systems. 

>How-To-Repeat:
      
>Fix:
      
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message