CVE-2017-7692 and Security Scanner

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

CVE-2017-7692 and Security Scanner


our university uses a security scanner to check for outdated and
insecure software.
The scanner recently noticed, that squirrel mail was vulnerable for
According to your Changelog, this CVE has been fixed on April, 25.

The security scanner has not been able to recognize, that you fixed the CVE,
because it can only check the Version string of squirrelmail.

Is it possible, that you increase the minor Version each time a CVE is
so security scanners will be able to detect, if a version is installed,
where the CVE is fixed?


Frank Knoben

RWTH Aachen

Check out the vibrant tech community on one of the world's most
engaging tech sites,!
squirrelmail-users mailing list
Posting guidelines:
List address: [hidden email]
List archives:
List info (subscribe/unsubscribe/change options):