KDE Project Security Advisory: KMail: HTML injection in plain text viewer

Antonio Rojas arojas at archlinux.org
Mon Oct 10 09:56:36 UTC 2016

El Thu, 06 Oct 2016 23:44:58 +0100, Jonathan Riddell escribió:

> These patches don't apply to the released versions, I've taken a diff
> from the branches
> https://packaging.neon.kde.org/applications/messagelib.git/tree/debian/
> https://packaging.neon.kde.org/frameworks/kcoreaddons.git/tree/debian/
> Jonathan

Thanks for these. Just a warning that the messagelib patch breaks BIC, so 
at least mailcommon, kdepim and kdepim-addons need to be rebuilt against 
the patched messagelib.

More information about the release-team mailing list