The problem can be corrected by upgrading the affected package to
version 0.45.6-1ubuntu0.1 (for Ubuntu 4.10), or 0.47-3ubuntu1.3 (for
Ubuntu 5.04). In general, a standard system upgrade is sufficient to
effect the necessary changes.
Several Cross Site Scripting vulnerabilities were discovered in
SqWebmail. A remote attacker could exploit this to execute arbitrary
of an SqWebmail user by sending specially crafted emails to him.
Please note that the "sqwebmail" package is not officially supported
by Ubuntu (it is in the "universe" section of the archive).