Univention Bugzilla – Bug 51758
kdepim-runtime: Multiple issues (4.4)
Last modified: 2020-08-05 15:15:38 CEST
New Debian kdepim-runtime 4:16.04.2-2+deb9u1 fixes: This update addresses the following issue: * KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use. (CVE-2020-15954)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/kdepim-runtime_16.04.2-2.dsc +++ apt/ucs_4.4-0-errata4.4-5/source/kdepim-runtime_16.04.2-2+deb9u1.dsc @@ -1,3 +1,9 @@ +4:16.04.2-2+deb9u1 [Thu, 30 Jul 2020 12:01:57 +0100] Chris Lamb <lamby@debian.org>: + + * CVE-2020-15954: Fix an issue where kdepim-runtime would default to using + unencrypted POP3 communication despite the UI indicating that encryption + was in use. + 4:16.04.2-2 [Tue, 05 Jul 2016 17:02:42 +0200] Maximiliano Curia <maxy@debian.org>: * Release to unstable. <http://10.200.17.11/4.4-5/#6656220079894841979>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-5] 4b648ceaa6 Bug #51758: kdepim-runtime 4:16.04.2-2+deb9u1 doc/errata/staging/kdepim-runtime.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x691>