Ubuntu 24.04 LTS: KMail Account Wizard Critical HTTP Risk USN-7732-1
ubuntu
September 3, 2025
KMail Account Wizard uses an insecure protocol.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: KMail Account Wizard uses an insecure protocol. Software Description: - kmail-account-wizard: Wizard for KDE PIM applications account setup Details: It was discovered that KMail Account Wizard used HTTP rather than HTTPS when retrieving certain email server configurations. An attacker could possibly use this issue to cause email clients to use an attacker-controlled email server.
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS accountwizard 4:23.08.5-0ubuntu3+esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS accountwizard 4:21.12.3-0ubuntu1+esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS accountwizard 4:19.12.3-0ubuntu1+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS accountwizard 4:17.12.3-0ubuntu1+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-7732-1
CVE-2024-50624
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-7732-1
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!