> A package compromise has been reported in multiple SquirrelMail > plugins, which can be exploited by malicious people to disclose > sensitive information. > > The vendor reports that the packages for multiple plugins have been > modified. The modifications reportedly attempt to send email > containing passwords to a certain server. > > The package compromise is reported for the following plugins and > versions: > > * sasql-3.2.0 > * multilogin-2.4-1.2.9 > * change_pass-3.0-1.4.0
