MGASA-2020-0391

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0391.html

Import Source

https://advisories.mageia.org/MGASA-2020-0391.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2020-0391

Related

CVE-2020-16094

Published

2020-10-21T13:07:53Z

Modified

2020-10-21T12:33:59Z

Summary

Updated claw-mail packages fix a security vulnerability

Details

In imapscantree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree (CVE-2020-16094).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / claws-mail

Package

Name: claws-mail
Purl: pkg:rpm/mageia/claws-mail?arch=source&distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.17.7-1.mga7

Ecosystem specific

{
    "section": "core"
}