openSUSE Security Update : claws-mail (openSUSE-SU-2014:1291-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

- Update to version 3.10.1(bnc#870858) :

+ Add an account preference to allow automatically
accepting unknown and changed SSL certificates, if
they're valid (that is, if the root CA is trusted by the

+ RFE 3196, 'When changing quicksearch Search Type, set
focus to search input box'.

+ PGP/Core plugin: Generate 2048 bit RSA keys.

+ Major code cleanup.

+ Extended claws-mail.desktop with Compose and Receive

+ Fix GConf use with newer Glib.

+ Fix the race fix, now preventing the compose window to
be closed.

+ Fix 'File (null) doesn't exist' error dialog, when
attaching a non-existing file via --attach

+ Fix spacing in Folderview if the font is far from the
system font.

+ RSSyl :

- When parsing RSS 2.0, ignore tags with a namespace

- Check for existence of xmlNode namespace, to prevent
NULL pointer crashes.

+ Bugs fixed: claws#2728, claws#2981, claws#3170,
claws#3179, claws#3201, deb#730050.

+ Updated translations.

- Drop
h as fixed upstream.

This also fixes CVE-2014-2576.

See also :

Solution :

Update the affected claws-mail packages.

Risk factor :

Medium / CVSS Base Score : 6.8

Family: SuSE Local Security Checks

Nessus Plugin ID: 78452 ()

Bugtraq ID:

CVE ID: CVE-2014-2576

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now