[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 673-1] kdepimlibs security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : kdepimlibs
Version        : 4:4.8.4-2+deb7u1
CVE ID         : CVE-2016-7966
Debian Bug     : 840546


Roland Tapken discovered that insufficient input sanitizing in KMail's
plain text viewer allowed attackers the injection of HTML code. This
might open the way to the exploitation of other vulnerabilities in the
HTML viewer code, which is disabled by default.

For Debian 7 "Wheezy", these problems have been fixed in version
4:4.8.4-2+deb7u1.

We recommend that you upgrade your kdepimlibs packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQJ8BAEBCgBmBQJYC4PJXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkII4P/R8m7arLaQgDdruSZ9TTmF2J
G3M5UZMCr+6q3IHBgzmL+qLe4EIhttye8qCu/OZP2+BQndcFhadRELFckmzVDKS+
9xBJGPHVpBoYx3SAPbZPz+xaIR/PmTGfSN36WKTDJ5PuMl4THIKYTshnZpUsayf0
b3NgvWxlLAii0UB9zaVurnucAxZuOZMymhS3Zy52o0dXEpPd5nXkCvJyOaPHqoCI
FtpGZzPU7MXzo64rIwhy6ed7q1ljaH6PjdM+ebfkIuQV+qgGb8XK2ils1cM+gHu+
TY2gir3T8L0DylVLgnzk4M2RrllAQZJhXYEaIkzHcpQREphRhO5up9zouvuA94MD
KbUg8snPO6nHuABAWZF5c0q/Qmb1jQ0syt/d6R8wKJYAes0Ljk0q75YvwtfLGQn+
7PzUvsi/IxjVTATC9iyL8t36bJXRp9zf60JWSOtoKbm0kA+c1Kli0DdmFobq+Put
rQXmDgxpEzS939HcrTkhRZNZB+dcXBeLD3TccUoYud37F4V++u4WRKsVzupFq0bs
85p6cSkVcEBMVEfIznhjcsjDb4MeLUw5ZXnBYU6Yo61N2FvLAr82ptB/tkLKVoHI
RGDhUZMMeMOn3v5X54OKL3LOkfY44gIzhP3TFmhHnklWof7jl2cHwjrqcJw44iQ6
Pgo+0XHdRCcp6b3c5v4w
=Owy9
-----END PGP SIGNATURE-----


Reply to: