subject:"\[Group.of.nepali.translators\] \[Bug 1630700\] Re\: CVE \- KMail \- HTML injection in plain text viewer"

[Group.of.nepali.translators] [Bug 1630700] Re: [CVE] KMail - HTML injection in plain text viewer

2017-08-21 Thread Launchpad Bug Tracker

This bug was fixed in the package kcoreaddons - 5.18.0-0ubuntu1.1

---
kcoreaddons (5.18.0-0ubuntu1.1) xenial-security; urgency=high

  * SECURITY UPDATE: KMail - HTML injection in plain text viewer
(LP: #1630700)
- CVE-2016-7966
- CVE-2016-7966_1.patch - 1be727 from upstream
- CVE-2016-7966_2.patch - 96e562 from upstream
- CVE-2016-7966_3.patch - a06cef from upstream
- CVE-2016-7966_4.patch - 5e13d2 from upstream

 -- Simon Quigley   Fri, 11 Aug 2017 23:36:27 -0500

** Changed in: kcoreaddons (Ubuntu Xenial)
   Status: In Progress => Fix Released

** Changed in: kdepimlibs (Ubuntu Trusty)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630700

Title:
  [CVE] KMail - HTML injection in plain text viewer

Status in kcoreaddons package in Ubuntu:
  Fix Released
Status in kdepimlibs package in Ubuntu:
  Fix Released
Status in kcoreaddons source package in Precise:
  Invalid
Status in kcoreaddons source package in Trusty:
  Fix Released
Status in kdepimlibs source package in Trusty:
  Fix Released
Status in kcoreaddons source package in Xenial:
  Fix Released
Status in kcoreaddons source package in Yakkety:
  Fix Released

Bug description:
  KDE Project Security Advisory
  =

  Title:  KMail: HTML injection in plain text viewer
  Risk Rating:Important
  CVE:CVE-2016-7966
  Platforms:  All
  Versions:   kmail >= 4.4.0
  Author: Andre Heinecke 
  Date:   6 October 2016

  Overview
  

  Through a malicious URL that contained a quote character it
  was possible to inject HTML code in KMail's plain text viewer.
  Due to the parser used on the URL it was not possible to include
  the equal sign (=) or a space into the injected HTML, which greatly
  reduces the available HTML functionality. Although it is possible
  to include an HTML comment indicator to hide content.

  Impact
  ==

  An unauthenticated attacker can send out mails with malicious content
  that breaks KMail's plain text HTML escape logic. Due to the limitations
  of the provided HTML in itself it might not be serious. But as a way
  to break out of KMail's restricted Plain text mode this might open
  the way to the exploitation of other vulnerabilities in the HTML viewer
  code, which is disabled by default.

  Workaround
  ==

  None.

  Solution
  

  For KDE Frameworks based releases of KMail apply the following patch to
  kcoreaddons:
  
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=96e562d9138c100498da38e4c5b4091a226dde12

  For kdelibs4 based releases apply the following patch:
  
https://quickgit.kde.org/?p=kdepimlibs.git=commitdiff=176fee25ca79145ab5c8e2275d248f1a46a8d8cf

  Credits
  ===

  Thanks to Roland Tapken for reporting this issue, Andre Heinecke from
  Intevation GmbH for analysing the problems and Laurent Montel for
  fixing this issue.

  
  Updated Information (1 November 2016)
  =

  The above mentioned patches are not enough to fix the vulnerability 
completely.
  This wasn't visible, because the patches for CVE-2016-7967 and CVE-2016-7968 
made sure,
  that this vulnerability can't harm anymore. 
  It only became visible, that this vulnerability isn't closed completely for 
systems,
  that are only affected by this CVE.

  For KCoreAddons you need:
   
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=96e562d9138c100498da38e4c5b4091a226dde12
  for applying this patch you may also need to cherry-pick:
   
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=1be7272373d60e4234f1a5584e676b579302b053
  (these two are released in KCoreAddons KDE Frameworks 5.27.0)

  additionally git commits, to close completely:
   
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=5e13d2439dbf540fdc840f0b0ab5b3ebf6642c6a
  not needed in the strong sense, but this will give you the additional 
automatic tests, to test if this CVE is closed:
   
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=a06cef31cc4c908bc9b76bd9d103fe9c60e0953f
 
  (will be part of KCoreAddons KDE Frameworks 5.28.0)

  For kdepimlibs 4.14:
   
https://quickgit.kde.org/?p=kdepimlibs.git=commitdiff=176fee25ca79145ab5c8e2275d248f1a46a8d8cf
   
https://quickgit.kde.org/?p=kdepimlibs.git=commitdiff=8bbe1bd3fdc55f609340edc667ff154b3d2aaab1
  kdepimlibs is at end of life, so no further release is planned.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kcoreaddons/+bug/1630700/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe :

[Group.of.nepali.translators] [Bug 1630700] Re: CVE - KMail - HTML injection in plain text viewer

2017-08-10 Thread Simon Quigley

** Also affects: kdepimlibs (Ubuntu)
   Importance: Undecided
   Status: New

** No longer affects: kdepimlibs (Ubuntu Precise)

** Changed in: kdepimlibs (Ubuntu Trusty)
   Status: New => In Progress

** Changed in: kdepimlibs (Ubuntu Trusty)
 Assignee: (unassigned) => Simon Quigley (tsimonq2)

** Changed in: kdepimlibs (Ubuntu)
   Status: New => Fix Released

** No longer affects: kdepimlibs (Ubuntu Xenial)

** No longer affects: kdepimlibs (Ubuntu Yakkety)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630700

Title:
  CVE - KMail - HTML injection in plain text viewer

Status in kcoreaddons package in Ubuntu:
  Fix Released
Status in kdepimlibs package in Ubuntu:
  Fix Released
Status in kcoreaddons source package in Precise:
  Invalid
Status in kcoreaddons source package in Trusty:
  Fix Released
Status in kdepimlibs source package in Trusty:
  In Progress
Status in kcoreaddons source package in Xenial:
  In Progress
Status in kcoreaddons source package in Yakkety:
  Fix Released

Bug description:
  KDE Project Security Advisory
  =

  Title:  KMail: HTML injection in plain text viewer
  Risk Rating:Important
  CVE:CVE-2016-7966
  Platforms:  All
  Versions:   kmail >= 4.4.0
  Author: Andre Heinecke 
  Date:   6 October 2016

  Overview
  

  Through a malicious URL that contained a quote character it
  was possible to inject HTML code in KMail's plain text viewer.
  Due to the parser used on the URL it was not possible to include
  the equal sign (=) or a space into the injected HTML, which greatly
  reduces the available HTML functionality. Although it is possible
  to include an HTML comment indicator to hide content.

  Impact
  ==

  An unauthenticated attacker can send out mails with malicious content
  that breaks KMail's plain text HTML escape logic. Due to the limitations
  of the provided HTML in itself it might not be serious. But as a way
  to break out of KMail's restricted Plain text mode this might open
  the way to the exploitation of other vulnerabilities in the HTML viewer
  code, which is disabled by default.

  Workaround
  ==

  None.

  Solution
  

  For KDE Frameworks based releases of KMail apply the following patch to
  kcoreaddons:
  
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=96e562d9138c100498da38e4c5b4091a226dde12

  For kdelibs4 based releases apply the following patch:
  
https://quickgit.kde.org/?p=kdepimlibs.git=commitdiff=176fee25ca79145ab5c8e2275d248f1a46a8d8cf

  Credits
  ===

  Thanks to Roland Tapken for reporting this issue, Andre Heinecke from
  Intevation GmbH for analysing the problems and Laurent Montel for
  fixing this issue.

  
  Updated Information (1 November 2016)
  =

  The above mentioned patches are not enough to fix the vulnerability 
completely.
  This wasn't visible, because the patches for CVE-2016-7967 and CVE-2016-7968 
made sure,
  that this vulnerability can't harm anymore. 
  It only became visible, that this vulnerability isn't closed completely for 
systems,
  that are only affected by this CVE.

  For KCoreAddons you need:
   
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=96e562d9138c100498da38e4c5b4091a226dde12
  for applying this patch you may also need to cherry-pick:
   
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=1be7272373d60e4234f1a5584e676b579302b053
  (these two are released in KCoreAddons KDE Frameworks 5.27.0)

  additionally git commits, to close completely:
   
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=5e13d2439dbf540fdc840f0b0ab5b3ebf6642c6a
  not needed in the strong sense, but this will give you the additional 
automatic tests, to test if this CVE is closed:
   
https://quickgit.kde.org/?p=kcoreaddons.git=commitdiff=a06cef31cc4c908bc9b76bd9d103fe9c60e0953f
 
  (will be part of KCoreAddons KDE Frameworks 5.28.0)

  For kdepimlibs 4.14:
   
https://quickgit.kde.org/?p=kdepimlibs.git=commitdiff=176fee25ca79145ab5c8e2275d248f1a46a8d8cf
   
https://quickgit.kde.org/?p=kdepimlibs.git=commitdiff=8bbe1bd3fdc55f609340edc667ff154b3d2aaab1
  kdepimlibs is at end of life, so no further release is planned.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kcoreaddons/+bug/1630700/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1630700] Re: CVE - KMail - HTML injection in plain text viewer

2016-10-12 Thread Marc Deslauriers

Unsubscribing ubuntu-security-sponsors for now since there is nothing to
sponsor. Once a debdiff is attached, please re-subscribe the group.
Thanks!

** Changed in: kcoreaddons (Ubuntu Trusty)
   Status: New => Fix Released

** Changed in: kcoreaddons (Ubuntu Precise)
   Status: In Progress => Invalid

** Changed in: kcoreaddons (Ubuntu Trusty)
   Status: Fix Released => Invalid

** Changed in: kcoreaddons (Ubuntu Xenial)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630700

Title:
  CVE - KMail - HTML injection in plain text viewer

Status in kcoreaddons package in Ubuntu:
  Fix Released
Status in kcoreaddons source package in Precise:
  Invalid
Status in kcoreaddons source package in Trusty:
  Invalid
Status in kcoreaddons source package in Xenial:
  Confirmed
Status in kcoreaddons source package in Yakkety:
  Fix Released

Bug description:
  KDE Project Security Advisory
  =

  Title: KMail: HTML injection
  Risk Rating:  Important
  CVE:  #TODO
  Platforms:  All
  Versions:   kmail >= 4.4.0
  Author: #TODO
  Date:#TODO

  Overview
  

  Through a malicious URL that contained a quote character it
  was possible to inject HTML code in KMail's plain text viewer.
  Due to the parser used on the URL it was not possible to include
  the equal sign (=) or a space into the injected HTML, which greatly
  reduces the available HTML functionality. Although it is possible
  to include an HTML comment indicator to hide content.

  Impact
  ==

  An unauthenticated attacker can send out mails with malicious content
  that breaks KMail's plain text HTML escape logic. Due to the limitations
  of the provided HTML in itself it might not be serious. But as a way
  to break out of KMail's restricted Plain text mode this might open
  the way to the exploitation of other vulnerabilities in the HTML viewer
  code, which is disabled by default.

  Workaround
  ==

  None.

  Solution
  

  For KDE Frameworks based releases of KMail apply the following patch to
  kcoreaddons:

  https://quickgit.kde.org/?
  p=kcoreaddons.git=commitdiff=96e562d9138c100498da38e4c5b4091a226dde12

  For KDE 4 apply the following patch:
  https://quickgit.kde.org/?
  p=kdepimlibs.git=commitdiff=176fee25ca79145ab5c8e2275d248f1a46a8d8cf

  Credits
  ===

  Thanks to Roland Tapken for reporting this issue, Andre Heinecke from
  Intevation GmbH for analysing the problems and Laurent Montel for
  fixing this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kcoreaddons/+bug/1630700/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1630700] Re: CVE - KMail - HTML injection in plain text viewer

2016-10-09 Thread Launchpad Bug Tracker

This bug was fixed in the package kcoreaddons - 5.26.0-0ubuntu2

---
kcoreaddons (5.26.0-0ubuntu2) yakkety; urgency=medium

  * SECURITY UPDATE: KMail - HTML injection in plain text viewer
(LP: #1630700)
- debian/patches/0001-Fix-very-old-bug-when-we-remove-space-in-
  url-as-foo-.patch: Code added by upstream to fix another bug,
  but needs to be applied in advance of patch 0002
- debian/patches/0002-Don-t-convert-as-url-an-url-which-has-a.patch:
  Fixes CVE-2016-7966
Patches cherrypicked from Debian:
https://anonscm.debian.org/git/pkg-kde/frameworks/kcoreaddons.git
Commit: ab7258dd8a87668ba63c585a69f41f291254aa43
Many thanks to Sandro Knauß for these patches

 -- Clive Johnston   Fri, 07 Oct 2016 23:57:19
+0100

** Changed in: kcoreaddons (Ubuntu Yakkety)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630700

Title:
  CVE - KMail - HTML injection in plain text viewer

Status in kcoreaddons package in Ubuntu:
  Fix Released
Status in kcoreaddons source package in Precise:
  In Progress
Status in kcoreaddons source package in Trusty:
  New
Status in kcoreaddons source package in Xenial:
  New
Status in kcoreaddons source package in Yakkety:
  Fix Released

Bug description:
  KDE Project Security Advisory
  =

  Title: KMail: HTML injection
  Risk Rating:  Important
  CVE:  #TODO
  Platforms:  All
  Versions:   kmail >= 4.4.0
  Author: #TODO
  Date:#TODO

  Overview
  

  Through a malicious URL that contained a quote character it
  was possible to inject HTML code in KMail's plain text viewer.
  Due to the parser used on the URL it was not possible to include
  the equal sign (=) or a space into the injected HTML, which greatly
  reduces the available HTML functionality. Although it is possible
  to include an HTML comment indicator to hide content.

  Impact
  ==

  An unauthenticated attacker can send out mails with malicious content
  that breaks KMail's plain text HTML escape logic. Due to the limitations
  of the provided HTML in itself it might not be serious. But as a way
  to break out of KMail's restricted Plain text mode this might open
  the way to the exploitation of other vulnerabilities in the HTML viewer
  code, which is disabled by default.

  Workaround
  ==

  None.

  Solution
  

  For KDE Frameworks based releases of KMail apply the following patch to
  kcoreaddons:

  https://quickgit.kde.org/?
  p=kcoreaddons.git=commitdiff=96e562d9138c100498da38e4c5b4091a226dde12

  For KDE 4 apply the following patch:
  https://quickgit.kde.org/?
  p=kdepimlibs.git=commitdiff=176fee25ca79145ab5c8e2275d248f1a46a8d8cf

  Credits
  ===

  Thanks to Roland Tapken for reporting this issue, Andre Heinecke from
  Intevation GmbH for analysing the problems and Laurent Montel for
  fixing this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kcoreaddons/+bug/1630700/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1630700] Re: CVE - KMail - HTML injection in plain text viewer

2016-10-07 Thread Scott Kitterman

** Also affects: kcoreaddons (Ubuntu Precise)
   Importance: Undecided
   Status: New

** Also affects: kcoreaddons (Ubuntu Trusty)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630700

Title:
  CVE - KMail - HTML injection in plain text viewer

Status in kcoreaddons package in Ubuntu:
  In Progress
Status in kcoreaddons source package in Precise:
  New
Status in kcoreaddons source package in Trusty:
  New
Status in kcoreaddons source package in Xenial:
  New
Status in kcoreaddons source package in Yakkety:
  In Progress

Bug description:
  KDE Project Security Advisory
  =

  Title: KMail: HTML injection
  Risk Rating:  Important
  CVE:  #TODO
  Platforms:  All
  Versions:   kmail >= 4.4.0
  Author: #TODO
  Date:#TODO

  Overview
  

  Through a malicious URL that contained a quote character it
  was possible to inject HTML code in KMail's plain text viewer.
  Due to the parser used on the URL it was not possible to include
  the equal sign (=) or a space into the injected HTML, which greatly
  reduces the available HTML functionality. Although it is possible
  to include an HTML comment indicator to hide content.

  Impact
  ==

  An unauthenticated attacker can send out mails with malicious content
  that breaks KMail's plain text HTML escape logic. Due to the limitations
  of the provided HTML in itself it might not be serious. But as a way
  to break out of KMail's restricted Plain text mode this might open
  the way to the exploitation of other vulnerabilities in the HTML viewer
  code, which is disabled by default.

  Workaround
  ==

  None.

  Solution
  

  For KDE Frameworks based releases of KMail apply the following patch to
  kcoreaddons:

  https://quickgit.kde.org/?
  p=kcoreaddons.git=commitdiff=96e562d9138c100498da38e4c5b4091a226dde12

  For KDE 4 apply the following patch:
  https://quickgit.kde.org/?
  p=kdepimlibs.git=commitdiff=176fee25ca79145ab5c8e2275d248f1a46a8d8cf

  Credits
  ===

  Thanks to Roland Tapken for reporting this issue, Andre Heinecke from
  Intevation GmbH for analysing the problems and Laurent Montel for
  fixing this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kcoreaddons/+bug/1630700/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1630700] Re: [CVE] KMail - HTML injection in plain text viewer

[Group.of.nepali.translators] [Bug 1630700] Re: CVE - KMail - HTML injection in plain text viewer

[Group.of.nepali.translators] [Bug 1630700] Re: CVE - KMail - HTML injection in plain text viewer

[Group.of.nepali.translators] [Bug 1630700] Re: CVE - KMail - HTML injection in plain text viewer

[Group.of.nepali.translators] [Bug 1630700] Re: CVE - KMail - HTML injection in plain text viewer

5 matches

Site Navigation

Mail list logo

Footer information