claws-mail - Debian Package Tracker

general

source: claws-mail (main)
version: 4.1.1-4
maintainer: Ricardo Mones (DMD) (LowNMU)
arch: all any
std-ver: 4.6.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.17.3-2
oldstable: 3.17.8-1
old-bpo: 4.1.1-2~bpo11+1
stable: 4.1.1-2
testing: 4.1.1-4
unstable: 4.1.1-4

versioned links

3.17.3-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.17.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.1.1-2~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.1.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.1.1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

claws-mail (54 bugs: 0, 24, 30, 0)
claws-mail-acpi-notifier
claws-mail-address-keeper (1 bugs: 0, 1, 0, 0)
claws-mail-archiver-plugin
claws-mail-attach-remover
claws-mail-attach-warner
claws-mail-bogofilter (2 bugs: 0, 0, 2, 0)
claws-mail-bsfilter-plugin
claws-mail-clamd-plugin (1 bugs: 0, 0, 1, 0)
claws-mail-dillo-viewer (1 bugs: 0, 0, 1, 0)
claws-mail-doc
claws-mail-extra-plugins
claws-mail-fancy-plugin
claws-mail-feeds-reader
claws-mail-fetchinfo-plugin
claws-mail-gdata-plugin (1 bugs: 0, 1, 0, 0)
claws-mail-i18n
claws-mail-keyword-warner
claws-mail-libravatar
claws-mail-litehtml-viewer
claws-mail-mailmbox-plugin
claws-mail-managesieve
claws-mail-multi-notifier
claws-mail-newmail-plugin
claws-mail-pdf-viewer
claws-mail-perl-filter
claws-mail-pgpinline (3 bugs: 0, 1, 2, 0)
claws-mail-pgpmime (2 bugs: 0, 2, 0, 0)
claws-mail-plugins
claws-mail-python-plugin
claws-mail-smime-plugin
claws-mail-spam-report
claws-mail-spamassassin (2 bugs: 0, 0, 2, 0)
claws-mail-tnef-parser (1 bugs: 0, 0, 1, 0)
claws-mail-tools (1 bugs: 0, 0, 1, 0)
claws-mail-vcalendar-plugin (3 bugs: 0, 2, 1, 0)
libclaws-mail-dev

action needed

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2019-10735: In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Created: 2023-06-11 Last update: 2023-08-04 04:00

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-10735: In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Created: 2022-07-04 Last update: 2023-08-04 04:00

lintian reports 1 error and 1 warning high

Lintian reports 1 error and 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2023-02-22 Last update: 2023-08-02 04:00

2 bugs tagged help in the BTS normal

The BTS contains 2 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2019-03-21 Last update: 2023-09-28 15:00

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2023-09-13 Last update: 2023-09-28 15:00

Depends on packages which need a new maintainer normal

The packages that claws-mail depends on which need a new maintainer are:

nedit (#962976)
- Suggests: nedit
html2ps (#759016)
- Suggests: html2ps
docbook-xml (#802368)
- Build-Depends-Indep: docbook-xml
docbook-xsl (#802370)
- Build-Depends-Indep: docbook-xsl
ghostscript (#1022718)
- Recommends: ghostscript

Created: 2019-11-22 Last update: 2023-09-28 13:48

AppStream hints: 1 warning normal

AppStream found metadata issues for packages:

claws-mail: 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2020-06-01 Last update: 2020-06-01 01:12

2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

2 issues left for the package maintainer to handle:

CVE-2019-10735: (needs triaging) In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.
CVE-2021-37746: (needs triaging) textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2023-08-04 04:00

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2019-10735: (needs triaging) In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-06-10 Last update: 2023-08-04 04:00

debian/patches: 2 patches to forward upstream low

Among the 3 debian patches available in version 4.1.1-4 of the package, we noticed the following issues:

2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-08-02 10:34

testing migrations

This package will soon be part of the auto-openldap transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
This package will soon be part of the auto-perl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2023-08-04] claws-mail 4.1.1-4 MIGRATED to testing (Debian testing watch)
[2023-08-01] Accepted claws-mail 4.1.1-4 (source) into unstable (Ricardo Mones)
[2023-07-15] Accepted claws-mail 4.1.1-3 (source amd64 all) into unstable (Debian FTP Masters) (signed by: Ricardo Mones)
[2022-12-21] Accepted claws-mail 4.1.1-2~bpo11+1 (source) into bullseye-backports (Andreas Rönnquist)
[2022-12-21] claws-mail 4.1.1-2 MIGRATED to testing (Debian testing watch)
[2022-12-15] Accepted claws-mail 4.1.1-2 (source) into unstable (Ricardo Mones)
[2022-11-01] Accepted claws-mail 4.1.1-1 (source) into unstable (Ricardo Mones)
[2022-10-28] claws-mail REMOVED from testing (Debian testing watch)
[2022-07-06] Accepted claws-mail 4.1.0-2~bpo11+1 (source amd64 all) into bullseye-backports, bullseye-backports (Debian FTP Masters) (signed by: Andreas Rönnquist)
[2022-05-17] claws-mail 4.1.0-2 MIGRATED to testing (Debian testing watch)
[2022-05-14] Accepted claws-mail 4.1.0-2 (source) into unstable (Ricardo Mones)
[2022-04-20] Accepted claws-mail 4.1.0-1 (source amd64 all) into unstable, unstable (Debian FTP Masters) (signed by: Ricardo Mones)
[2022-03-22] Accepted claws-mail 4.0.0-3 (source amd64 all) into unstable, unstable (Debian FTP Masters) (signed by: Ricardo Mones)
[2022-02-13] claws-mail 4.0.0-2 MIGRATED to testing (Debian testing watch)
[2022-02-02] Accepted claws-mail 4.0.0-2 (source) into unstable (Ricardo Mones)
[2021-10-20] Accepted claws-mail 4.0.0-1 (source) into experimental (Ricardo Mones)
[2021-09-10] claws-mail 3.18.0-1 MIGRATED to testing (Debian testing watch)
[2021-09-05] Accepted claws-mail 3.18.0-1 (source) into unstable (Ricardo Mones)
[2020-10-31] claws-mail 3.17.8-1 MIGRATED to testing (Debian testing watch)
[2020-10-25] Accepted claws-mail 3.17.8-1 (source) into unstable (Ricardo Mones)
[2020-10-10] claws-mail 3.17.7-1 MIGRATED to testing (Debian testing watch)
[2020-10-04] Accepted claws-mail 3.17.7-1 (source) into unstable (Ricardo Mones)
[2020-07-23] claws-mail 3.17.6-1 MIGRATED to testing (Debian testing watch)
[2020-07-16] Accepted claws-mail 3.17.6-1 (source) into unstable (Ricardo Mones)
[2020-02-27] claws-mail 3.17.5-2 MIGRATED to testing (Debian testing watch)
[2020-02-25] Accepted claws-mail 3.17.5-2 (source) into unstable (Ricardo Mones)
[2020-02-24] Accepted claws-mail 3.17.5-1 (source) into unstable (Ricardo Mones)
[2020-01-31] claws-mail 3.17.4-3 MIGRATED to testing (Debian testing watch)
[2020-01-29] Accepted claws-mail 3.17.4-3 (source) into unstable (Ricardo Mones)
[2019-11-01] claws-mail 3.17.4-2 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 70 73
RC: 0
I&N: 30 31
M&W: 40 42
F&P: 0
patch: 1
help: 2

links

homepage
lintian (1, 1)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (-, 92)
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.1.1-4
33 bugs (1 patch)