MGASA-2018-0476

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0476.html

Import Source

https://advisories.mageia.org/MGASA-2018-0476.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2018-0476

Related

CVE-2018-19516

Published

2018-12-03T22:13:03Z

Modified

2018-12-03T21:49:17Z

Summary

Updated messagelib packages fix security vulnerability

Details

Some HTML emails can trick messagelib into opening a new browser window when displaying said email as HTML. This happens even if the option to allow the HTML emails to access remote servers is disabled in KMail settings. This means that the owners of the servers referred in the email can see in their access logs your IP address (CVE-2018-19516).

References

https://advisories.mageia.org/MGASA-2018-0476.html
https://bugs.mageia.org/show_bug.cgi?id=23923
https://www.kde.org/info/security/advisory-20181128-1.txt

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2018-0476

Affected packages