Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

openSUSE Leap 15.2: openSUSE-SU-2021:1045-1 Moderate: Claws-Mail Fix

opensuse
Calendar Grey July 15, 2021
Dist Opensuse Esm H88
openSUSE has released a vital security patch for claws-mail, addressing a significant vulnerability. Make sure to update promptly for improved safety and efficiency.
An update that fixes one vulnerability is now available

Description

This update for claws-mail fixes the following issues:

Update to 3.18.0

* Support for the OAuth2 authorisation protocol has been added for IMAP,

POP and SMTP using custom, user-generated client IDs. OAuth2

preferences are found in the Account Preferences on the Receive page

(for POP: Authenticate before POP connection, for IMAP: Authentication

method); the Send page (SMTP authentication: Authentication method);

and on a dedicated OAuth2 page.

* The option 'Save (X-)Face in address book if possible' has been added

to the /Message View/Text Options preferences page. Previously the

(X-)Face would be saved automatically, therefore this option is turned

on by default.

* The Image Viewer has been reworked. New options have been added to

/Message View/Image Viewer: when resizing images, either fit the image

width or fit the image height to the available space. Fitting the

image height is the...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate update security fix authorization openSUSE claws-mail

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2021-1045=1

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2021-1045=1

- openSUSE Backports SLE-15-SP2:

zypper in -t patch openSUSE-2021-1045=1

Package List

- openSUSE Leap 15.2 (noarch):

claws-mail-lang-3.18.0-lp152.3.9.1

- openSUSE Leap 15.2 (x86_64):

claws-mail-3.18.0-lp152.3.9.1

claws-mail-debuginfo-3.18.0-lp152.3.9.1

claws-mail-debugsource-3.18.0-lp152.3.9.1

claws-mail-devel-3.18.0-lp152.3.9.1

- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):

claws-mail-3.18.0-bp153.2.3.1

claws-mail-debuginfo-3.18.0-bp153.2.3.1

claws-mail-debugsource-3.18.0-bp153.2.3.1

claws-mail-devel-3.18.0-bp153.2.3.1

- openSUSE Backports SLE-15-SP3 (noarch):

claws-mail-lang-3.18.0-bp153.2.3.1

- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):

claws-mail-3.18.0-bp152.3.9.1

claws-mail-devel-3.18.0-bp152.3.9.1

- openSUSE Backports SLE-15-SP2 (noarch):

claws-mail-lang-3.18.0-bp152.3.9.1

References

https://www.suse.com/security/cve/CVE-2020-15917.html

https://bugzilla.suse.com/1174457

Announcement ID: openSUSE-SU-2021:1045-1
Rating: moderate
Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP3 openSUSE Backports SLE-15-SP2 .

Topics%20covered

Topics Covered

security advisory moderate update security fix authorization openSUSE claws-mail

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here