This bug was fixed in the package kdepimlibs - 4:4.13.3-0ubuntu0.4 --------------- kdepimlibs (4:4.13.3-0ubuntu0.4) trusty-security; urgency=high
* SECURITY UPDATE: KMail: HTML injection in plain text viewer (LP: #1630700) - CVE-2016-7966 - The security vulnerability was not completely fixed in the last update. This upload applies one additional commit from upstream to completely fix it. - Split CVE-2016-7966.diff into CVE-2016-7966_1.patch and CVE-2016-7966_2.patch and add DEP-3 meta-information to make it clear that to fix the CVE, two patches are needed. -- Simon Quigley <tsimo...@ubuntu.com> Thu, 10 Aug 2017 17:52:29 -0500 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1630700 Title: [CVE] KMail - HTML injection in plain text viewer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kcoreaddons/+bug/1630700/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs