[kmail2] [Bug 394554] Regression: kMail 5.8.1 Information Leak: kMail loads external references in HTML mails without asking
Gunter Ohrner
bugzilla_noreply at kde.org
Thu May 24 10:21:47 BST 2018
https://bugs.kde.org/show_bug.cgi?id=394554
--- Comment #14 from Gunter Ohrner <kdebugs at CustomCDROM.de> ---
Ok, it really gets somewhat strange now:
* I got an HTML mail (again some GDPR notification from a company) and kMail
rendered the externally referenced logo immediately after activating HTML
rendering.
* Afterwards I closed kMail, reopened it and reopened the mail again - now
kMail correctly asked if external references shall really be displayed, as
expected.
I need to do further tests, but could it be possible that "something else"
already accesses and fetches the image before the mail is actually displayed,
such that the image is cached when kMail finally is asked to render it and an
additional network access is not necessary any more?
In this case the security issue would be somewhere else.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list