Bug 27035 - kdepim-runtime, kmail-account-wizard new security issue CVE-2020-15954
Summary: kdepim-runtime, kmail-account-wizard new security issue CVE-2020-15954
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 7
Hardware: All
OS: Linux
Priority: Normal
Severity: major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2020-08-04 23:57 CEST by David Walser
Modified: 2020-08-25 10:14 CEST (History)
4 users

See Also:
Source RPM: kdepim-runtime-20.04.3-1.mga8.src.rpm, kmail-account-wizard-20.04.3-1.mga8.src.rpm
CVE:
Status comment:


Description David Walser 2020-08-04 23:57:00 CEST
Debian-LTS has issued an advisory on July 30:
https://www.debian.org/lts/security/2020/dla-2300

Mageia 7 is also affected.
David Walser 2020-08-04 23:57:07 CEST

Whiteboard: (none) => MGA7TOO

Comment 1 David GEIGER 2020-08-06 09:58:31 CEST
Done for both Cauldron and mga7!

CC: (none) => geiger.david68210

Comment 2 David Walser 2020-08-06 20:58:28 CEST
Advisory:
========================

Updated kdepim-runtime and kmail-account-wizard packages fix security
vulnerability:

It was discovered that there was an issue where kmail would default to using
unencrypted POP3 communication despite the UI indicating that encryption was in
use (CVE-2020-15954).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15954
https://www.debian.org/lts/security/2020/dla-2300
========================

Updated packages in core/updates_testing:
========================
kmail-account-wizard-19.04.0-1.1.mga7
akonadi-kde-19.04.0-1.2.mga7
libakonadi-singlefileresource5-19.04.0-1.2.mga7
libmaildir5-19.04.0-1.2.mga7
libakonadi-filestore5-19.04.0-1.2.mga7
libkmindexreader5-19.04.0-1.2.mga7
libfolderarchivesettings5-19.04.0-1.2.mga7
kdepim-runtime-handbook-19.04.0-1.2.mga7

from SRPMS:
kmail-account-wizard-19.04.0-1.1.mga7.src.rpm
kdepim-runtime-19.04.0-1.2.mga7.src.rpm

Version: Cauldron => 7
Whiteboard: MGA7TOO => (none)
Assignee: kde => qa-bugs

Comment 3 Herman Viaene 2020-08-10 11:16:42 CEST
MGA7-64 Plasma on Lenovo B50
No installation issues.
No previous updates, so tried my luck at using commands.
Used accountwizard command to define what???-kmail??? my hotmail account, choosing pop3.
After completing that, launched kmail, but could not read the e-mail account. It is there but only half way, e.g. it does not show up in the folders or in the sequence list of accounts. Outgoing account is completely absent.
Giving up on this

CC: (none) => herman.viaene

Comment 4 Ulrich Beckmann 2020-08-22 17:15:11 CEST
Kmail-account-wizard is a graphical interface, which is started when you invoke kmail the first time. 

As a KMail user, I think it never led to complete configs, but you have to go through the KMail configuration afterwards. It is meant to facilitate configuration. Will try it in a new user.

CC: (none) => bequimao.de

Comment 5 Ulrich Beckmann 2020-08-24 21:17:23 CEST
Installed Packages
akonadi-kde.x86_64                                                                    2:19.04.0-1.2.mga7                                                @updates_testing-x86_64
kmail-account-wizard.x86_64                                                           2:19.04.0-1.1.mga7                                                @updates_testing-x86_64
lib64akonadi-filestore5.x86_64                                                        2:19.04.0-1.2.mga7                                                @updates_testing-x86_64
lib64akonadi-singlefileresource5.x86_64                                               2:19.04.0-1.2.mga7                                                @updates_testing-x86_64
lib64folderarchivesettings5.x86_64                                                    2:19.04.0-1.2.mga7                                                @updates_testing-x86_64
lib64kmindexreader5.x86_64                                                            2:19.04.0-1.2.mga7                                                @updates_testing-x86_64
lib64maildir5.x86_64                                                                  2:19.04.0-1.2.mga7                                                @updates_testing-x86_64
Available Packages
kdepim-runtime-handbook.noarch                                                        2:19.04.0-1.2.mga7                                                updates_testing-x86_64 


I tested now with new user and a GMail IMAP account.
It created an empty default identity named unnamed, though I had given my real name.
Receiving account had the login name as user name, and no IMAP server, perhaps because of the ending ...@googlemail.com instead of gmail.com.
Sending account working. Sent a test mail successfully.

Though config is incomplete, it is helpful as it normally gives server names and ports. Other mail programs may be better, but I see no regression. I would give it a Go.

Ulrich
Comment 6 David Walser 2020-08-25 00:06:49 CEST
Advisory and package list in Comment 2.

Keywords: (none) => validated_update
Whiteboard: (none) => MGA7-64-OK
CC: (none) => sysadmin-bugs

Aurelien Oudelet 2020-08-25 00:17:04 CEST

Keywords: (none) => advisory

Comment 7 Mageia Robot 2020-08-25 10:14:48 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0346.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED
