Information on source package claws-mail

Available versions

ReleaseVersion
jessie3.11.1-3+deb8u1
stretch3.14.1-3
buster3.17.3-2
bullseye3.17.8-1
bookworm4.1.1-2
trixie4.3.0-2
sid4.3.0-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2021-37746vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedtextview_uri_security_check in textview.c in Claws Mail before 3.18.0, ...
CVE-2020-16094vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedIn imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious ...
CVE-2020-15917vulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedcommon/session.c in Claws Mail before 3.17.6 has a protocol violation ...
CVE-2019-10735vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableIn Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encry ...

Resolved issues

BugDescription
CVE-2015-8708Stack-based buffer overflow in the conv_euctojis function in codeconv. ...
CVE-2015-8614Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) co ...
CVE-2014-2576plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_ ...
CVE-2012-4507The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 ...
CVE-2010-5109Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's ...
CVE-2007-6208sylprint.pl in claws mail tools (claws-mail-tools) allows local users ...
CVE-2007-1558The APOP protocol allows remote attackers to guess the first 3 charact ...

Security announcements

DSA / DLADescription
DSA-3452-1claws-mail - security update
DLA-383-1claws-mail - security update

Search for package or bug name: Reporting problems