This bug was fixed in the package kdepimlibs - 4:4.13.3-0ubuntu0.3 --------------- kdepimlibs (4:4.13.3-0ubuntu0.3) trusty-security; urgency=high
* SECURITY UPDATE: KMail: HTML injection in plain text viewer * References (LP: #1631237) * CVE-2016-7966 * Avoid transforming as a url in plain text mode when there is a quote * Add debian/patches/CVE-2016-7966.diff from upstream -- Scott Kitterman <[email protected]> Thu, 06 Oct 2016 23:50:44 -0400 ** Changed in: kdepimlibs (Ubuntu Trusty) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-7966 -- You received this bug notification because you are a member of Kubuntu Bugs, which is subscribed to kdepimlibs in Ubuntu. https://bugs.launchpad.net/bugs/1631237 Title: KMail: HTML injection in plain text viewer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kdepimlibs/+bug/1631237/+subscriptions -- kubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs
