Ubuntu
kcoreaddons package

  1. Bug #1630700
  2. Comment #20

Comment 20 for bug 1630700

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package kdepimlibs - 4:4.13.3-0ubuntu0.4

---------------
kdepimlibs (4:4.13.3-0ubuntu0.4) trusty-security; urgency=high

  * SECURITY UPDATE: KMail: HTML injection in plain text viewer (LP: #1630700)
    - CVE-2016-7966
    - The security vulnerability was not completely fixed in the last update.
      This upload applies one additional commit from upstream to completely
      fix it.
    - Split CVE-2016-7966.diff into CVE-2016-7966_1.patch and
      CVE-2016-7966_2.patch and add DEP-3 meta-information to make it clear
      that to fix the CVE, two patches are needed.

 -- Simon Quigley <email address hidden> Thu, 10 Aug 2017 17:52:29 -0500