SUSE Package Hub - openSUSE-2019-981

Update Info

openSUSE-2019-981

Security update for messagelib

Type: security

Severity: low

Issued: 2019-03-23

Description:

This update for messagelib fixes the following issues:

The following security vulnerability was addressed:

- CVE-2018-19516: Fix a potential issue with opening messages in a new browser
  window when displaying mails as HTML (boo#1117958).

References

CVE: CVE-2018-19516
Bugzilla: 1117958 VUL-1: CVE-2018-19516: messagelib: Some HTML emails can trick messagelib into opening a new browser window when displaying said email as HTML. Workaround: Do not enable "Prefer HTML to plain text" in KMail settings.

Packages

messagelib-17.12.3-bp150.3.6.1