Gentoo Linux Security Advisory 201001-8 - Multiple vulnerabilities were found in SquirrelMail of which the worst results in remote code execution. Versions less than 1.4.19 are affected.
79b67914b106df3b61ec634b24ec4b26b65f59c9160a95eb40b09212c2f69ae2
Mandriva Linux Security Advisory 2009-122 - The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. The updated packages have been upgraded to the latest version of squirrelmail to prevent this.
4d625c059ac76fa426b4364168404a4461455a591f139796b5f4e3a268329ad9
Debian Security Advisory 1802-2 - Michal Hlavinka discovered that the fix for code execution in the map_yp_alias function, known as CVE-2009-1579 and released in DSA 1802-1, was incomplete. This update corrects the fix for that function.
427516df8ef9ab4b92105500b37d7a760f482163d4eb284532448ec29c628c7f