MGASA-2013-0014
Date: | January 18th, 2013 |
Affected releases: | 2 |
Description:
Updated claws-mail-plugins packages fix security vulnerabilities:
A security flaw was found in the way vCalendar plug-in of Claws Mail
displayed user credential information in the system tray display when
using https scheme. A local attacker could use this flaw to obtain user
credentials (username and password) used for connection to remote point.
(CVE-2012-5527)
Updated Packages:
i586:
claws-mail-acpi-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-address_keeper-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-attachwarner-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-att_remover-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-bsfilter-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-clamd-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-fancy-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-fetchinfo-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-gtkhtml2_viewer-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-mailmbox-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-newmail-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-notification-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-pdf_viewer-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-perl-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-python-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-rssyl-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-spam_report-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-tnef_parse-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-vcalendar-plugin-3.8.1-1.2.mga2.i586.rpm
claws-mail-vcalendar-plugin-devel-3.8.1-1.2.mga2.i586.rpm
x86_64:
claws-mail-acpi-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-address_keeper-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-attachwarner-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-att_remover-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-bsfilter-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-clamd-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-fancy-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-fetchinfo-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-gtkhtml2_viewer-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-mailmbox-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-newmail-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-notification-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-pdf_viewer-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-perl-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-python-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-rssyl-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-spam_report-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-tnef_parse-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-vcalendar-plugin-3.8.1-1.2.mga2.x86_64.rpm
claws-mail-vcalendar-plugin-devel-3.8.1-1.2.mga2.x86_64.rpm
SRPMS:
claws-mail-plugins-3.8.1-1.2.mga2.src.rpm
References:
http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2782
https://bugzilla.redhat.com/show_bug.cgi?id=877372
https://bugs.mageia.org/show_bug.cgi?id=8291