Security update for claws-mail
SUSE Patch
security@suse.de
SUSE Security Team
openSUSE-SU-2016:0485-1
Final
1
1
2016-02-16T20:37:26Z
current
2016-02-16T20:37:26Z
2016-02-16T20:37:26Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for claws-mail
This update for claws-mail fixes the following issues:
- CVE-2015-8614: additional fixes for buffer overrun issues which allowed remote attackers to cause a crash or have unspecified further impact (boo#959993)
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://lists.opensuse.org/opensuse-updates/2016-02/msg00099.html
E-Mail link for openSUSE-SU-2016:0485-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
claws-mail-3.11.0-3.11.1
claws-mail-devel-3.11.0-3.11.1
claws-mail-lang-3.11.0-3.11.1
Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) conv_euctojis, and (3) conv_sjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion.
CVE-2015-8614
moderate
Please Install the update.
https://lists.opensuse.org/opensuse-updates/2016-02/msg00099.html
https://www.suse.com/security/cve/CVE-2015-8614.html
CVE-2015-8614
https://bugzilla.suse.com/959993
SUSE Bug 959993
https://bugzilla.suse.com/960566
SUSE Bug 960566