Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 522
Alerts This Week
Warning Icon 1 522

Fedora 24: 2016-1b042a79bd Moderate: KDEPIM HTML Injection Fix

fedora
Calendar Grey October 30, 2016
Dist Fedora Esm H88
This release resolves various concerns within KDE PIM Applications on Fedora 24, improving both security measures and overall performance.
KDE PIM Applications 16.08.2, https://kde.org/announcements/announce-applications-16.08.2/

Summary

KDE Personal Information Management suite, including:

* akregator: feed aggregator

* blogilo: blogging application, focused on simplicity and usability

* kmail: email client

* knotes: sticky notes for the desktop

* kontact: integrated PIM management

* korganizer: journal, appointments, events, todos

Update Information:

KDE PIM Applications 16.08.2, https://kde.org/announcements/announce-applications-16.08.2/

Change Log

References


[ 1 ] Bug #1382288 - CVE-2016-7967 kdepim: JavaScript access to local and remote URLs in Kmail https://bugzilla.redhat.com/show_bug.cgi?id=1382288 [ 2 ] Bug #1382286 - CVE-2016-7966 kdepim: HTML injection in plain text viewer of KMail https://bugzilla.redhat.com/show_bug.cgi?id=1382286 [ 3 ] Bug #1382293 - CVE-2016-7968 kdepim: JavaScript execution in HTML Mails https://bugzilla.redhat.com/show_bug.cgi?id=1382293

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade kdepim' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
important
Lowest
Low
Medium
High
Critical

Name: kdepim
Product: Fedora 24
Version: 16.08.2
Release: 1.fc24
URL: Summary : KDE Personal Information Management suite

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.