Bug#814762: marked as done (kmail: CSS from HTML mail interfers with header layout)
Your message dated Tue, 02 Aug 2016 12:33:48 +0000
with message-id <E1bUYtI-0004na-3W@franck.debian.org>
and subject line Bug#814762: fixed in kdepim-addons 16.04.3-1
has caused the Debian Bug report #814762,
regarding kmail: CSS from HTML mail interfers with header layout
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
814762: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814762
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: kmail: CSS from HTML mail interfers with header layout
- From: Dominik George <nik@naturalnet.de>
- Date: Mon, 15 Feb 2016 09:18:23 +0100
- Message-id: <145552430301.3115.2598532702950629970.reportbug@portux.lan.naturalnet.de>
Package: kmail
Version: 4:4.14.10-2
Severity: normal
I just saw an HTML message that style html and body interfer with the
message headers (in that case, the message heraders got centered along
with the rest of the message).
On first glance, this is a cosmetic issue. On second thought, it is
imaginable that this can be abused to hide or inject information into
the headers, thus easing phishing or scamming or even tricking the user
into assuming a different sender, replying with confidential
information.
I am not certain that the latter will actually work; if you agree with
my thoughts, please take the relevant steps to make this a security bug.
-- System Information:
Debian Release: stretch/sid
Architecture: amd64 (x86_64)
Kernel: Linux 4.3.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages kmail depends on:
ii kde-runtime 4:15.08.3-1+b1
ii kdepim-runtime 4:4.14.10-2
ii kdepimlibs-kio-plugins 4:4.14.10-1
ii libakonadi-calendar4 4:4.14.10-1
ii libakonadi-contact4 4:4.14.10-1
ii libakonadi-kde4 4:4.14.10-1
ii libakonadi-kmime4 4:4.14.10-1
ii libakonadiprotocolinternals1 1.13.0-8
ii libc6 2.21-7
ii libcalendarsupport4 4:4.14.10-2
ii libfollowupreminder4 4:4.14.10-2
ii libgcc1 1:5.3.1-8
ii libgpgme++2v5 4:4.14.10-1
ii libgrantlee-core0 0.4.0-3
ii libincidenceeditorsng4 4:4.14.10-2
ii libkabc4 4:4.14.10-1
ii libkalarmcal2 4:4.14.10-1
ii libkcalcore4 4:4.14.10-1
ii libkcalutils4 4:4.14.10-1
ii libkcmutils4 4:4.14.14-1+b1
ii libkdecore5 4:4.14.14-1+b1
ii libkdepim4 4:4.14.10-2
ii libkdeui5 4:4.14.14-1+b1
ii libkio5 4:4.14.14-1+b1
ii libkleo4 4:4.14.10-2
ii libkmanagesieve4 4:4.14.10-2
ii libkmime4 4:4.14.10-1
ii libknotifyconfig4 4:4.14.14-1+b1
ii libkontactinterface4a 4:4.14.10-1
ii libkparts4 4:4.14.14-1+b1
ii libkpimidentities4 4:4.14.10-1
ii libkpimtextedit4 4:4.14.10-1
ii libkpimutils4 4:4.14.10-1
ii libkprintutils4 4:4.14.14-1+b1
ii libksieveui4 4:4.14.10-2
ii libmailcommon4 4:4.14.10-2
ii libmailimporter4 4:4.14.10-2
ii libmailtransport4 4:4.14.10-1
ii libmessagecomposer4 4:4.14.10-2
ii libmessagecore4 4:4.14.10-2
ii libmessagelist4 4:4.14.10-2
ii libmessageviewer4 4:4.14.10-2
ii libpimcommon4 4:4.14.10-2
ii libqt4-dbus 4:4.8.7+dfsg-5
ii libqt4-network 4:4.8.7+dfsg-5
ii libqt4-xml 4:4.8.7+dfsg-5
ii libqtcore4 4:4.8.7+dfsg-5
ii libqtgui4 4:4.8.7+dfsg-5
ii libqtwebkit4 2.3.4.dfsg-6
ii libsendlater4 4:4.14.10-2
ii libsolid4 4:4.14.14-1+b1
ii libstdc++6 5.3.1-8
ii libtemplateparser4 4:4.14.10-2
ii perl 5.22.1-7
Versions of packages kmail recommends:
ii gnupg-agent 2.1.11-5
ii gnupg2 2.1.11-5
ii kdepim-doc 4:4.14.10-2
pn kdepim-themeditors <none>
ii ktnef 4:4.14.10-2
ii pinentry-qt [pinentry-x11] 0.9.7-3
Versions of packages kmail suggests:
pn clamav <none>
ii kaddressbook 4:4.14.10-2
ii kleopatra 4:4.14.10-2
ii procmail 3.22-25
pn spamassassin | bogofilter | annoyance-filter | spambayes | bsf <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
- To: 814762-close@bugs.debian.org
- Subject: Bug#814762: fixed in kdepim-addons 16.04.3-1
- From: Maximiliano Curia <maxy@debian.org>
- Date: Tue, 02 Aug 2016 12:33:48 +0000
- Message-id: <E1bUYtI-0004na-3W@franck.debian.org>
Source: kdepim-addons
Source-Version: 16.04.3-1
We believe that the bug you reported is fixed in the latest version of
kdepim-addons, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 814762@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Maximiliano Curia <maxy@debian.org> (supplier of updated kdepim-addons package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 02 Aug 2016 14:12:16 +0200
Source: kdepim-addons
Binary: kdepim-addons
Architecture: source
Version: 16.04.3-1
Distribution: unstable
Urgency: high
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Maximiliano Curia <maxy@debian.org>
Description:
kdepim-addons - Addons for KDE PIM applications
Closes: 814762
Changes:
kdepim-addons (16.04.3-1) unstable; urgency=high
.
[ Automatic packaging ]
* Refresh patches
.
[ Pino Toscano ]
* autopkgtest: switch from oxygen5-icon-theme back to the canonical
oxygen-icon-theme.
.
[ Maximiliano Curia ]
* Add upstream patches: get-rid-of-not-needed-div.patch and Do-not-allow-html-mail-to-use-css-that-only-should-b.patch
(Closes: 814762)
Checksums-Sha1:
7ac2b6b5fdf01306f036d2571e999d6859d2d1ab 2876 kdepim-addons_16.04.3-1.dsc
8e480d3b1449d0460d72c3a3cd358ef85eb6f2f0 211260 kdepim-addons_16.04.3.orig.tar.xz
e45bc4ee48940e84d557a5ceb7157d17f5937ee1 18648 kdepim-addons_16.04.3-1.debian.tar.xz
Checksums-Sha256:
684e6126468195acb16482d54a11b63915c2f6014494b34c20138a4e9be0efd7 2876 kdepim-addons_16.04.3-1.dsc
09d9fd6a9245dca23a1cc1582b0746236d4c6d600021a02c63f0c1389afecabe 211260 kdepim-addons_16.04.3.orig.tar.xz
b226cf575cc22065ff08969f83462568c9655f414be9963e467b1e06665f2204 18648 kdepim-addons_16.04.3-1.debian.tar.xz
Files:
1719eb6e8663b769e47d3d4b14798400 2876 kde optional kdepim-addons_16.04.3-1.dsc
047165b1b7101e128fef0af3c9b0572d 211260 kde optional kdepim-addons_16.04.3.orig.tar.xz
e4e5183adfbf3b13643e399b28c61f04 18648 kde optional kdepim-addons_16.04.3-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXoI5UAAoJEMcZdpmymyMqrJwP/013VcCAmRdBMN7+cX5zuPbG
QhRWJgc0WiqqOwugBadTgA1r5Yo1yOaBj0dQV5czV3XZwy7wXWhpjroBm3Ob9qRh
nlWGJHklDvUbYw+gNPgOw2tMOrMiSEI9tx/H1TsWXFsftWGAxupaYj0azYLlsqmX
8tqIumCr7JvGg5+w20Tt9CQrurR8s08lconJzjHW8c+bo3HWT5oyjaAePMhu68TH
ABjY5NJBCza6622hHtkgB1g6nWr5r6Kp2E1ndspknB0GMqtXLhSAUflTdaL/tipX
TzR7wK8LLjwK6J/zc4OYNH43omN4mk6VDJrwJZDCDsio4dzLljCD54lvcXUVsYF7
X3vmIZ9AE3N9TEnf/45yIJ6CNn9d14sJFxXkBZq3JujKrTMTrppThLqQ8UKSv0g8
++5+HNCa/rBK+LExnu8LVh2sgSwel4Pxle7nHnP57iyeZ1oNhHTj+kpYYVByf5PP
kB3hr+HGboRIjUSTTTNsU3MnSGB0zBr6z6RMwPsBKA9Jb0+YIST+YwtqkQ855OOW
w4cbIuLMWokfknIHf7XQHrp/HY4voBkCy8t/UlU3dKrfx8+SfpDnI18jOWKCi38r
gwxjM21Ya5gRqFXEnk9nzs68aV5eLgmXxUBy/i6OLBV8mAvDSSu7TF50EWeoue+I
bl5fCxt1sneS2fuIKGmF
=cMGp
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: