Release | Version |
---|---|
jessie | 3.11.1-3+deb8u1 |
stretch | 3.14.1-3 |
buster | 3.17.3-2 |
bullseye | 3.17.8-1 |
bookworm | 4.1.1-2 |
trixie | 4.3.0-2 |
sid | 4.3.0-2 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2021-37746 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | textview_uri_security_check in textview.c in Claws Mail before 3.18.0, ... |
CVE-2020-16094 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious ... |
CVE-2020-15917 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | common/session.c in Claws Mail before 3.17.6 has a protocol violation ... |
CVE-2019-10735 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encry ... |
Bug | Description |
---|---|
CVE-2015-8708 | Stack-based buffer overflow in the conv_euctojis function in codeconv. ... |
CVE-2015-8614 | Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) co ... |
CVE-2014-2576 | plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_ ... |
CVE-2012-4507 | The strchr function in procmime.c in Claws Mail (aka claws-mail) 3.8.1 ... |
CVE-2010-5109 | Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's ... |
CVE-2007-6208 | sylprint.pl in claws mail tools (claws-mail-tools) allows local users ... |
CVE-2007-1558 | The APOP protocol allows remote attackers to guess the first 3 charact ... |
DSA / DLA | Description |
---|---|
DSA-3452-1 | claws-mail - security update |
DLA-383-1 | claws-mail - security update |