Register | Log in

kf5-messagelib

Choose email to subscribe with

general

source: kf5-messagelib (main)
version: 4:18.08.3-2
maintainer: Debian/Kubuntu Qt/KDE Maintainers (archive) [DMD]
uploaders: Maximiliano Curia [DMD]
arch: all any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

stable: 4:16.04.3-3~deb9u1
testing: 4:18.08.3-2
unstable: 4:18.08.3-2

versioned links

4:16.04.3-3~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4:18.08.3-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

kf5-messagelib-data
libkf5messagecomposer-dev
libkf5messagecomposer5abi1
libkf5messagecore-dev
libkf5messagecore5abi1
libkf5messagelist-dev
libkf5messagelist5abi1
libkf5messageviewer-dev
libkf5messageviewer5abi1
libkf5mimetreeparser-dev
libkf5mimetreeparser5abi1
libkf5templateparser-dev
libkf5templateparser5
libkf5webengineviewer-dev
libkf5webengineviewer5abi1

action needed

Debci reports failed tests high

stable: test failures (log)
The tests ran in 0h 0m 52s
Last run: 2019-06-19 05:31:18
Previous status: fail

Created: 2019-06-06 Last update: 2019-06-24 19:18

A new upstream version is available: 19.04.2 high

A new upstream version 19.04.2 is available, you should consider packaging it.

Created: 2019-06-09 Last update: 2019-06-24 19:09

3 security issues in stretch high

There are 3 open security issues in stretch.

1 important issue:

CVE-2019-10732: In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

2 issues skipped by the security teams:

CVE-2018-19516:
CVE-2017-17689: The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

Please fix them.

Created: 2018-05-19 Last update: 2019-05-14 07:13

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-10732: In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Please fix it.

Created: 2019-05-14 Last update: 2019-05-14 07:13

lintian reports 1 error high

Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.

Created: 2019-04-05 Last update: 2019-04-05 06:40

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-10732: In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Please fix it.

Created: 2019-05-14 Last update: 2019-05-14 07:13

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2019-02-05 Last update: 2019-03-02 07:08

news

[2019-03-04] kf5-messagelib 4:18.08.3-2 MIGRATED to testing (Debian testing watch)
[2019-03-02] Accepted kf5-messagelib 4:18.08.3-2 (source) into unstable (Sandro Knauß)
[2019-02-04] Accepted kf5-messagelib 4:18.08.3-1 (source) into unstable (Sandro Knauß)
[2018-10-16] kf5-messagelib 4:18.08.1-1 MIGRATED to testing (Debian testing watch)
[2018-10-02] Accepted kf5-messagelib 4:18.08.1-1 (source) into unstable (Sandro Knauß)
[2018-08-27] Accepted kf5-messagelib 4:18.07.90-1 (source all amd64) into experimental, experimental (Sandro Knauß)
[2018-08-15] kf5-messagelib 4:17.12.3-3 MIGRATED to testing (Debian testing watch)
[2018-08-01] Accepted kf5-messagelib 4:17.12.3-3 (source) into unstable (Lisandro Damián Nicanor Pérez Meyer)
[2018-07-31] Accepted kf5-messagelib 4:17.12.3-2 (source) into unstable (Lisandro Damián Nicanor Pérez Meyer)
[2018-04-07] kf5-messagelib 4:17.12.3-1 MIGRATED to testing (Debian testing watch)
[2018-04-01] Accepted kf5-messagelib 4:17.12.3-1 (source) into unstable (Sandro Knauß)
[2018-03-25] Accepted kf5-messagelib 4:17.12.2-4 (source) into experimental (Sandro Knauß)
[2018-03-19] Accepted kf5-messagelib 4:17.12.2-3 (source) into experimental (Sandro Knauß)
[2018-03-15] Accepted kf5-messagelib 4:17.12.2-2 (source) into experimental (Sandro Knauß)
[2018-03-09] Accepted kf5-messagelib 4:17.12.2-1 (source) into experimental (Sandro Knauß)
[2018-01-25] kf5-messagelib 4:17.08.3-2 MIGRATED to testing (Debian testing watch)
[2018-01-20] Accepted kf5-messagelib 4:17.08.3-2 (source) into unstable (Pino Toscano)
[2018-01-18] kf5-messagelib 4:17.08.3-1 MIGRATED to testing (Debian testing watch)
[2017-12-21] Accepted kf5-messagelib 4:17.08.3-1 (source) into unstable (Sandro Knauß)
[2017-09-11] Accepted kf5-messagelib 4:17.08.0-1 (source all amd64) into experimental, experimental (Maximiliano Curia)
[2017-09-07] Accepted kf5-messagelib 4:16.04.3-3~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Sandro Knauß)
[2017-06-20] kf5-messagelib 4:16.04.3-3 MIGRATED to testing (Debian testing watch)
[2017-06-18] Accepted kf5-messagelib 4:16.04.3-3 (source) into unstable (Sandro Knauß)
[2016-08-07] kf5-messagelib 4:16.04.3-2 MIGRATED to testing (Debian testing watch)
[2016-08-06] kf5-messagelib 4:16.04.3-2 MIGRATED to testing (Debian testing watch)
[2016-08-02] Accepted kf5-messagelib 4:16.04.3-2 (source) into unstable (Maximiliano Curia)
[2016-07-14] Accepted kf5-messagelib 4:16.04.3-1 (source) into unstable (Maximiliano Curia)
[2016-07-06] Accepted kf5-messagelib 4:16.04.2-2 (source) into unstable (Maximiliano Curia)
[2016-06-30] Accepted kf5-messagelib 4:16.04.2-1 (source) into experimental (Maximiliano Curia)
[2016-06-06] Accepted kf5-messagelib 4:16.04.1-1 (source all amd64) into experimental, experimental (Maximiliano Curia)

1
2

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (1, 0)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4:18.12.3-0ubuntu2
patches for 4:18.12.3-0ubuntu2

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing