This bug was fixed in the package kdepim - 4:4.13.3-0ubuntu0.2
---
kdepim (4:4.13.3-0ubuntu0.2) trusty-security; urgency=medium
* SECURITY UPDATE: Send Later with Delay bypasses OpenPGP (LP: #1698180):
- fix-CVE-2017-9604.patch
- CVE-2017-9604
-- Simon Quigley
This bug was fixed in the package kdepim - 4:15.12.3-0ubuntu1.1
---
kdepim (4:15.12.3-0ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: Send Later with Delay bypasses OpenPGP (LP: #1698180):
- fix-CVE-2017-9604.patch
- CVE-2017-9604
-- Simon Quigley
I have uploaded these fixes (for Xenial and Trusty) to a fresh test PPA
of mine with all architectures switched on and only the security repo
enabled. I then tested both in VMs of each release, and they work as
intended. It also fixes the security issue.
Security Team, feel free to copy my
** No longer affects: kdepim (Ubuntu Artful)
** No longer affects: kdepim (Ubuntu Zesty)
** Changed in: kdepim (Ubuntu Trusty)
Assignee: (unassigned) => Simon Quigley (tsimonq2)
** Changed in: kdepim (Ubuntu Xenial)
Assignee: (unassigned) => Simon Quigley (tsimonq2)
** Changed in:
** Changed in: kf5-messagelib (Ubuntu)
Status: Fix Committed => Fix Released
** Changed in: kmail (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
kdepim no longer exists in Artful, and fixes are in artful-proposed for
kmail and kf5-messagelib (it's part of the new upstream release).
** Changed in: kdepim (Ubuntu Artful)
Status: In Progress => Fix Committed
** Changed in: kdepim (Ubuntu Artful)
Status: Fix Committed =>