[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 3697-1] kdepimlibs security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3697-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 21, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : kdepimlibs
CVE ID         : CVE-2016-7966

Roland Tapken discovered that insufficient input sanitising in KMail's
plain text viewer allowed the injection of HTML code.

For the stable distribution (jessie), this problem has been fixed in
version 4:4.14.2-2+deb8u2.

We recommend that you upgrade your kdepimlibs packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYCnJqAAoJEBDCk7bDfE42ZZMQAKCMX/aEhAVm/Tz9C/Ho/BKO
KsA6asklSAq0qHUVxjuVv39HgHbXE5NLbPg+SMQskzcpuL/s1auBE8k2vi9+Wryn
PxYNihkG5aV5bNPxGLss3niZTW0t8nceevj5iHz6z/anq5NGCCgA94Sln02FLNGP
hdT4ciGgo6hjeq2HhfyrlKGZJe2GaHIUt7t+qyf8Cx8hi6XURS1tM0Op/nrE+Ye+
sBNa+OEYC9r1f0y7O6PaF1P+vEeo9AscbGAuVGzt2ez1QhA4t2ezgZ+lb+AlI7j6
pmoCGWv3gfvFbPSJFE5KAq3u5F3xXpFDy38V6/13dylFexfQw4aWr8hIb8DiRSqe
iRFgp+Tgwhfc9g37T2uRxsaOHVimMSE8lNjO0yV8wzgJcPQ0xEyQtmWLScCc34YF
Fp/Pt1BF/RbAA+WiZKKWuJTDBt4aQtLUXVvpSpqNUL/IvpUWLKAJgqanHP/yhu39
/IDS0Hl0PMc5H4YA925T9DEOkFxcz5atKFcX7FzHdwL5WyzIgo3yehMgPFmaxyYl
AIANYhe0HzcPqAIp1oIbRlYyVsI5boH4YrnGicdP8hJA0ZKDoOf5UC8K9V7wK9Qq
thZS3Mdha6lKb+NJnTpqnLEVtqNhs5AMlSwvlSeFpoD0ecDlltX+uhs8zjl9SMJF
Dhqb0Bt4LNfoK69ZL5p/
=79DN
-----END PGP SIGNATURE-----


Reply to: