Debian Package Tracker - kf5-messagelib

general

source: kf5-messagelib (main)
version: 4:18.08.3-2
maintainer: Debian/Kubuntu Qt/KDE Maintainers (archive) (DMD)
uploaders: Maximiliano Curia [DMD]
arch: all any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 4:16.04.3-3~deb9u1
stable: 4:18.08.3-2
testing: 4:18.08.3-2
unstable: 4:18.08.3-2
exp: 4:18.08.3-4

versioned links

4:16.04.3-3~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4:18.08.3-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4:18.08.3-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

kf5-messagelib-data
libkf5messagecomposer-dev
libkf5messagecomposer5abi1
libkf5messagecore-dev
libkf5messagecore5abi1
libkf5messagelist-dev
libkf5messagelist5abi1
libkf5messageviewer-dev
libkf5messageviewer5abi1
libkf5mimetreeparser-dev
libkf5mimetreeparser5abi1
libkf5templateparser-dev
libkf5templateparser5
libkf5webengineviewer-dev
libkf5webengineviewer5abi1

action needed

A new upstream version is available: 19.08.2 high

A new upstream version 19.08.2 is available, you should consider packaging it.

Created: 2019-09-09 Last update: 2019-10-22 08:46

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-10732: In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Please fix it.

Created: 2019-07-07 Last update: 2019-10-21 00:30

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-10732: In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Please fix it.

Created: 2019-05-14 Last update: 2019-10-21 00:30

lintian reports 1 error high

Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.

Created: 2019-08-30 Last update: 2019-08-30 00:07

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2019-10-07 Last update: 2019-10-22 08:49

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-10732: In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.

Please fix it.

Created: 2019-05-14 Last update: 2019-10-21 00:30

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2018-19516:
CVE-2019-10732: In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, they unknowingly leak the plaintext of the encrypted message part(s) back to the attacker.
CVE-2017-17689: The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

Please fix them.

Created: 2018-05-19 Last update: 2019-10-21 00:30

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2019-02-05 Last update: 2019-03-02 07:08

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.1 instead of 4.3.0).

Created: 2019-07-08 Last update: 2019-09-29 23:40

news

[rss feed]

[2019-10-07] Accepted kf5-messagelib 4:18.08.3-4 (source) into experimental (Sandro Knauß)
[2019-10-06] Accepted kf5-messagelib 4:18.08.3-3 (source) into experimental (Sandro Knauß)
[2019-03-04] kf5-messagelib 4:18.08.3-2 MIGRATED to testing (Debian testing watch)
[2019-03-02] Accepted kf5-messagelib 4:18.08.3-2 (source) into unstable (Sandro Knauß)
[2019-02-04] Accepted kf5-messagelib 4:18.08.3-1 (source) into unstable (Sandro Knauß)
[2018-10-16] kf5-messagelib 4:18.08.1-1 MIGRATED to testing (Debian testing watch)
[2018-10-02] Accepted kf5-messagelib 4:18.08.1-1 (source) into unstable (Sandro Knauß)
[2018-08-27] Accepted kf5-messagelib 4:18.07.90-1 (source all amd64) into experimental, experimental (Sandro Knauß)
[2018-08-15] kf5-messagelib 4:17.12.3-3 MIGRATED to testing (Debian testing watch)
[2018-08-01] Accepted kf5-messagelib 4:17.12.3-3 (source) into unstable (Lisandro Damián Nicanor Pérez Meyer)
[2018-07-31] Accepted kf5-messagelib 4:17.12.3-2 (source) into unstable (Lisandro Damián Nicanor Pérez Meyer)
[2018-04-07] kf5-messagelib 4:17.12.3-1 MIGRATED to testing (Debian testing watch)
[2018-04-01] Accepted kf5-messagelib 4:17.12.3-1 (source) into unstable (Sandro Knauß)
[2018-03-25] Accepted kf5-messagelib 4:17.12.2-4 (source) into experimental (Sandro Knauß)
[2018-03-19] Accepted kf5-messagelib 4:17.12.2-3 (source) into experimental (Sandro Knauß)
[2018-03-15] Accepted kf5-messagelib 4:17.12.2-2 (source) into experimental (Sandro Knauß)
[2018-03-09] Accepted kf5-messagelib 4:17.12.2-1 (source) into experimental (Sandro Knauß)
[2018-01-25] kf5-messagelib 4:17.08.3-2 MIGRATED to testing (Debian testing watch)
[2018-01-20] Accepted kf5-messagelib 4:17.08.3-2 (source) into unstable (Pino Toscano)
[2018-01-18] kf5-messagelib 4:17.08.3-1 MIGRATED to testing (Debian testing watch)
[2017-12-21] Accepted kf5-messagelib 4:17.08.3-1 (source) into unstable (Sandro Knauß)
[2017-09-11] Accepted kf5-messagelib 4:17.08.0-1 (source all amd64) into experimental, experimental (Maximiliano Curia)
[2017-09-07] Accepted kf5-messagelib 4:16.04.3-3~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Sandro Knauß)
[2017-06-20] kf5-messagelib 4:16.04.3-3 MIGRATED to testing (Debian testing watch)
[2017-06-18] Accepted kf5-messagelib 4:16.04.3-3 (source) into unstable (Sandro Knauß)
[2016-08-07] kf5-messagelib 4:16.04.3-2 MIGRATED to testing (Debian testing watch)
[2016-08-06] kf5-messagelib 4:16.04.3-2 MIGRATED to testing (Debian testing watch)
[2016-08-02] Accepted kf5-messagelib 4:16.04.3-2 (source) into unstable (Maximiliano Curia)
[2016-07-14] Accepted kf5-messagelib 4:16.04.3-1 (source) into unstable (Maximiliano Curia)
[2016-07-06] Accepted kf5-messagelib 4:16.04.2-2 (source) into unstable (Maximiliano Curia)

bugs [bug history graph]

all: 2
RC: 1
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
buildd: logs, exp, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4:19.04.3-0ubuntu1
patches for 4:19.04.3-0ubuntu1