This bug was fixed in the package kdepimlibs - 4:4.13.3-0ubuntu0.3

kdepimlibs (4:4.13.3-0ubuntu0.3) trusty-security; urgency=high

  * SECURITY UPDATE: KMail: HTML injection in plain text viewer
  * References (LP: #1631237)
  * CVE-2016-7966
  * Avoid transforming as a url in plain text mode when there is a quote
  * Add debian/patches/CVE-2016-7966.diff from upstream

 -- Scott Kitterman <>  Thu, 06 Oct 2016 23:50:44

** Changed in: kdepimlibs (Ubuntu Trusty)
       Status: Confirmed => Fix Released

** CVE added:

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  KMail: HTML injection in plain text viewer

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to