GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sun Jun 26, 2016 1:26 pm Post subject: [ GLSA 201606-11 ] claws-mail |
|
|
Gentoo Linux Security Advisory
Title: claws-mail: Multiple Vulnerabilities (GLSA 201606-11)
Severity: normal
Exploitable: remote
Date: June 26, 2016
Bug(s): #525588, #569010, #570692
ID: 201606-11
Synopsis
Multiple vulnerabilities have been found in claws-mail,
particularly in the default SSL implementation.
Background
Claws Mail is a GTK based e-mail client.
Affected Packages
Package: mail-client/claws-mail
Vulnerable: < 3.13.2
Unaffected: >= 3.13.2
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in claws-mail. Please
review the CVE identifiers referenced below for details.
Impact
An attacker could possibly intercept communications due to the default
implementation of SSL 3.0.
Workaround
There is no known workaround at this time.
Resolution
All claws-mail users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/claws-mail-3.13.2"
|
References
CVE-2014-3566
CVE-2015-8614
CVE-2015-8614
CVE-2015-8708
CVE-2015-8708 |
|