[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-release-team
Subject: Re: KDE Project Security Advisory: KMail: HTML injection in plain text viewer
From: Antonio Rojas <arojas () archlinux ! org>
Date: 2016-10-10 9:56:36
Message-ID: ntfokk$s53$1 () blaine ! gmane ! org
[Download RAW message or body]
El Thu, 06 Oct 2016 23:44:58 +0100, Jonathan Riddell escribió:
> These patches don't apply to the released versions, I've taken a diff
> from the branches
>
> https://packaging.neon.kde.org/applications/messagelib.git/tree/debian/
patches/kde_01_CVE-2016-7968-CVE-2016-7966.diff?h=Neon/release
> https://packaging.neon.kde.org/frameworks/kcoreaddons.git/tree/debian/
patches/kde_01_CVE-2016-7966.diff?h=Neon/release
>
> Jonathan
Thanks for these. Just a warning that the messagelib patch breaks BIC, so
at least mailcommon, kdepim and kdepim-addons need to be rebuilt against
the patched messagelib.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic