29668 – ksmtp, kmail, kimap, kdepim-runtime new TLS-related security issues (including CVE-2020-15954)

Bug 29668 - ksmtp, kmail, kimap, kdepim-runtime new TLS-related security issues (including CVE-2020-15954)

Summary: ksmtp, kmail, kimap, kdepim-runtime new TLS-related security issues (includin...

Status:	RESOLVED OLD

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	8
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	KDE maintainers
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2021-11-18 21:29 CET by David Walser
Modified:	2024-01-12 09:32 CET (History)
CC List:	2 users (show)

See Also:
Source RPM:	ksmtp-21.04.1-1.mga9.src.rpm, kmail-21.04.1-1.mga9.src.rpm, kimap-21.04.1-1.mga9.src.rpm, kdepim-runtime-21.04.1-1.mga9.src.rpm
CVE:
Status comment:	Patches available from upstream

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2021-11-18 21:29:36 CET

KDE has issued advisories today (November 18):
https://kde.org/info/security/advisory-20211118-1.txt
https://kde.org/info/security/advisory-20211118-2.txt

The advisories contain links to upstream commits to fix the issues.

Mageia 8 is also affected.

David Walser 2021-11-18 21:29:48 CET

Whiteboard: (none) => MGA8TOO
Status comment: (none) => Patches available from upstream

Comment 1 Nicolas Lécureuil 2021-12-29 09:37:33 CET

fixed in cauldron ( with kde application 21.12.0 )

CC: (none) => mageia
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)

Comment 2 David Walser 2021-12-29 18:23:37 CET

The upstream commits to fix these issues are recent (within the last few months).  These packages haven't been updated in Cauldron since May.

Version: 8 => Cauldron
Whiteboard: (none) => MGA8TOO

Comment 3 Nicolas Lécureuil 2022-01-03 10:13:37 CET

sorry it was in progress :-)

now we have kde application 21.12.0 in Cauldron.

Whiteboard: MGA8TOO => (none)
Version: Cauldron => 8

Comment 4 Nicolas Salguero 2024-01-12 09:32:24 CET

Mageia 8 EOL

Status: NEW => RESOLVED
CC: (none) => nicolas.salguero
Resolution: (none) => OLD

Note You need to log in before you can comment on or make changes to this bug.