Debian Package Tracker

general

source: claws-mail (main)
version: 3.17.8-1
maintainer: Ricardo Mones (DMD) (LowNMU)
arch: all any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.11.1-3+deb8u1
o-o-sec: 3.11.1-3+deb8u1
oldstable: 3.14.1-3
old-bpo: 3.17.1-1~bpo9+1
stable: 3.17.3-2
testing: 3.17.8-1
unstable: 3.17.8-1

versioned links

3.11.1-3+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.14.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.17.1-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.17.3-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.17.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

claws-mail (50 bugs: 0, 21, 29, 0)
claws-mail-acpi-notifier
claws-mail-address-keeper (1 bugs: 0, 1, 0, 0)
claws-mail-archiver-plugin
claws-mail-attach-remover
claws-mail-attach-warner
claws-mail-bogofilter (2 bugs: 0, 0, 2, 0)
claws-mail-bsfilter-plugin
claws-mail-clamd-plugin (1 bugs: 0, 0, 1, 0)
claws-mail-dillo-viewer (1 bugs: 0, 0, 1, 0)
claws-mail-doc
claws-mail-extra-plugins
claws-mail-feeds-reader
claws-mail-fetchinfo-plugin
claws-mail-gdata-plugin (1 bugs: 0, 1, 0, 0)
claws-mail-i18n
claws-mail-libravatar
claws-mail-litehtml-viewer
claws-mail-mailmbox-plugin
claws-mail-managesieve
claws-mail-multi-notifier
claws-mail-newmail-plugin
claws-mail-pdf-viewer
claws-mail-perl-filter (1 bugs: 0, 0, 1, 0)
claws-mail-pgpinline (3 bugs: 0, 1, 2, 0)
claws-mail-pgpmime (2 bugs: 0, 2, 0, 0)
claws-mail-plugins
claws-mail-smime-plugin
claws-mail-spam-report
claws-mail-spamassassin (2 bugs: 0, 0, 2, 0)
claws-mail-tnef-parser (1 bugs: 0, 0, 1, 0)
claws-mail-tools (1 bugs: 0, 0, 1, 0)
claws-mail-vcalendar-plugin (1 bugs: 0, 0, 1, 0)
libclaws-mail-dev

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-10735: In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Please fix it.

Created: 2019-04-07 Last update: 2020-12-27 21:57

lintian reports 2 warnings high

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-10-22 04:31

2 bugs tagged help in the BTS normal

The BTS contains 2 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2019-03-21 Last update: 2021-01-21 23:30

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-01-21 23:30

Depends on packages which need a new maintainer normal

The packages that claws-mail depends on which need a new maintainer are:

docbook-xml (#802368)
- Build-Depends: docbook-xml
docbook-xsl (#802370)
- Build-Depends: docbook-xsl
nedit (#962976)
- Suggests: nedit

Created: 2019-11-22 Last update: 2021-01-21 22:32

AppStream hints: 1 warning normal

AppStream found metadata issues for packages:

claws-mail: 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2020-06-01 Last update: 2020-06-01 01:12

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2019-10735: In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.
CVE-2020-15917: common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.
CVE-2020-16094: In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.

Please fix them.

Created: 2019-04-07 Last update: 2020-12-27 21:57

3 ignored security issues in buster low

There are 3 open security issues in buster.

3 issues skipped by the security teams:

CVE-2019-10735: In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.
CVE-2020-15917: common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.
CVE-2020-16094: In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.

Please fix them.

Created: 2019-04-07 Last update: 2020-12-27 21:57

1 ignored security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue skipped by the security teams:

CVE-2019-10735: In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Please fix it.

Created: 2019-11-01 Last update: 2020-12-27 21:57

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-11-17 05:41

news

[rss feed]

[2020-10-31] claws-mail 3.17.8-1 MIGRATED to testing (Debian testing watch)
[2020-10-25] Accepted claws-mail 3.17.8-1 (source) into unstable (Ricardo Mones)
[2020-10-10] claws-mail 3.17.7-1 MIGRATED to testing (Debian testing watch)
[2020-10-04] Accepted claws-mail 3.17.7-1 (source) into unstable (Ricardo Mones)
[2020-07-23] claws-mail 3.17.6-1 MIGRATED to testing (Debian testing watch)
[2020-07-16] Accepted claws-mail 3.17.6-1 (source) into unstable (Ricardo Mones)
[2020-02-27] claws-mail 3.17.5-2 MIGRATED to testing (Debian testing watch)
[2020-02-25] Accepted claws-mail 3.17.5-2 (source) into unstable (Ricardo Mones)
[2020-02-24] Accepted claws-mail 3.17.5-1 (source) into unstable (Ricardo Mones)
[2020-01-31] claws-mail 3.17.4-3 MIGRATED to testing (Debian testing watch)
[2020-01-29] Accepted claws-mail 3.17.4-3 (source) into unstable (Ricardo Mones)
[2019-11-01] claws-mail 3.17.4-2 MIGRATED to testing (Debian testing watch)
[2019-10-14] Accepted claws-mail 3.17.4-2 (source) into unstable (Ricardo Mones)
[2019-10-12] claws-mail REMOVED from testing (Debian testing watch)
[2019-08-08] Accepted claws-mail 3.17.4-1 (source amd64 all) into unstable, unstable (Ricardo Mones) (signed by: Ricardo Mones Lastra)
[2019-04-09] claws-mail 3.17.3-2 MIGRATED to testing (Debian testing watch)
[2019-04-03] Accepted claws-mail 3.17.3-2 (source amd64 all) into unstable (Ricardo Mones) (signed by: Ricardo Mones Lastra)
[2019-01-04] claws-mail 3.17.3-1 MIGRATED to testing (Debian testing watch)
[2018-12-29] Accepted claws-mail 3.17.3-1 (source amd64 all) into unstable (Ricardo Mones) (signed by: Ricardo Mones Lastra)
[2018-12-21] claws-mail 3.17.2-1 MIGRATED to testing (Debian testing watch)
[2018-12-15] Accepted claws-mail 3.17.2-1 (source amd64 all) into unstable (Ricardo Mones) (signed by: Ricardo Mones Lastra)
[2018-09-12] Accepted claws-mail 3.17.1-1~bpo9+1 (source amd64 all) into stretch-backports, stretch-backports (Stephen Kitt)
[2018-09-01] claws-mail 3.17.1-1 MIGRATED to testing (Debian testing watch)
[2018-08-26] Accepted claws-mail 3.17.1-1 (source amd64 all) into unstable (Ricardo Mones) (signed by: Ricardo Mones Lastra)
[2018-08-26] claws-mail 3.17.0-1 MIGRATED to testing (Debian testing watch)
[2018-08-20] Accepted claws-mail 3.17.0-1 (source amd64 all) into unstable, unstable (Ricardo Mones) (signed by: Ricardo Mones Lastra)
[2018-08-02] Accepted claws-mail 3.16.0-2~bpo9+1 (source amd64 all) into stretch-backports, stretch-backports (Stephen Kitt)
[2018-05-13] claws-mail 3.16.0-2 MIGRATED to testing (Debian testing watch)
[2018-05-10] Accepted claws-mail 3.16.0-2 (source amd64 all) into unstable (Ricardo Mones) (signed by: Ricardo Mones Lastra)
[2017-12-23] claws-mail 3.16.0-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 66 69
RC: 0
I&N: 26 27
M&W: 40 42
F&P: 0
patch: 1
help: 2

links

homepage
lintian (0, 2)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (-, 94)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.17.8-1build1
28 bugs (1 patch)