openSUSE: Security Advisory for claws-mail (openSUSE-SU-2020:1822-1)

The remote host is missing an update for the 'claws-mail' package(s) announced via the openSUSE-SU-2020:1822-1 advisory.

This update for claws-mail fixes the following issues: - Additional cleanup of the template handling claws-mail was updated to 3.17.8 (boo#1177967) * Shielded template's <pipe>program{} and <pipe>attach_program{} so that the command-line that is executed does not allow sequencing such as with && <pipe><pipe>, , preventing possible execution of nasty, or at least unexpected, commands * bug fixes: claws#4376 * updated English, French, and Spanish manuals - Update to 3.17.7 * Image Viewer: Image attachments, when displayed, are now resized to fit the available width rather than the available height. * -d is now an alias to --debug. * Libravatar plugin: New styles supported: Robohash and Pagan. * SpamAssassin plugin: The 'Maximum size' option now matches SpamAssassin's maximum, it can now handle messages up to 256MB. * LiteHTML viewer plugin: The UI is now translatable. Bug fixes: * bug 4313, 'Recursion stack overflow with rebuilding folder tree' * bug 4372, '[pl_PL] Crash after 'Send later' without recipient and then 'Close'' * bug 4373, 'attach mailto URI double free' * bug 4374, 'insert mailto URI misses checks' * bug 4384, 'U+00AD (soft hyphen) changed to space in Subject' * bug 4386, 'Allow Sieve config without userid without warning' * Add missing SSL settings when cloning accounts. * Parsing of command-line arguments. * PGP Core plugin: fix segv in address completion with a keyring. * Libravatar plugin: fixes to image display. - Disable python-gtk plugin on suse_version > 1500: still relying on python2, which is EOL. - Update to 3.17.6: * It is now possible to 'Inherit Folder properties and processing rules from parent folder' when creating new folders with the move message and copy message dialogues. * A Phishing warning is now shown when copying a phishing URL, (in addition to clicking a phishing URL). * The progress window when importing an mbox file is now more responsive. * A warning dialogue is shown if the selected privacy system is 'None' and automatic signing amd/or encrypting is enabled. * Python plugin: pkgconfig is now used to check for python2. This enables the Python plugin (which uses python2) to be built on newer systems which have both python2 and python3. Bug fixes: * bug 3922, 'minimize to tray on startup not working' * bug 4220, 'generates files in cache without content' * bug 4325, 'Following redirects when retrieving image' * bug 4342, 'Import mbox file command doesn't work twice on a row' * fix STARTTLS protocol violation * fix initial de ... Description truncated. Please see the references for more information.

'claws-mail' package(s) on openSUSE Leap 15.2, openSUSE Leap 15.1.

Checks if a vulnerable package version is present on the target host.

Please install the updated package(s).