opensuse-su-2020:1822-1
Vulnerability from csaf_opensuse
Published
2020-11-02 23:25
Modified
2020-11-02 23:25
Summary
Security update for claws-mail

Notes

Title of the patch
Security update for claws-mail
Description of the patch
This update for claws-mail fixes the following issues: - Additional cleanup of the template handling claws-mail was updated to 3.17.8 (boo#1177967) * Shielded template's |program{} and |attach_program{} so that the command-line that is executed does not allow sequencing such as with && || ;, preventing possible execution of nasty, or at least unexpected, commands * bug fixes: claws#4376 * updated English, French, and Spanish manuals - Update to 3.17.7 * Image Viewer: Image attachments, when displayed, are now resized to fit the available width rather than the available height. * -d is now an alias to --debug. * Libravatar plugin: New styles supported: Robohash and Pagan. * SpamAssassin plugin: The 'Maximum size' option now matches SpamAssassin's maximum; it can now handle messages up to 256MB. * LiteHTML viewer plugin: The UI is now translatable. Bug fixes: * bug 4313, 'Recursion stack overflow with rebuilding folder tree' * bug 4372, '[pl_PL] Crash after 'Send later' without recipient and then 'Close'' * bug 4373, 'attach mailto URI double free' * bug 4374, 'insert mailto URI misses checks' * bug 4384, 'U+00AD (soft hyphen) changed to space in Subject' * bug 4386, 'Allow Sieve config without userid without warning' * Add missing SSL settings when cloning accounts. * Parsing of command-line arguments. * PGP Core plugin: fix segv in address completion with a keyring. * Libravatar plugin: fixes to image display. - Disable python-gtk plugin on suse_version > 1500: still relying on python2, which is EOL. - Update to 3.17.6: * It is now possible to 'Inherit Folder properties and processing rules from parent folder' when creating new folders with the move message and copy message dialogues. * A Phishing warning is now shown when copying a phishing URL, (in addition to clicking a phishing URL). * The progress window when importing an mbox file is now more responsive. * A warning dialogue is shown if the selected privacy system is 'None' and automatic signing amd/or encrypting is enabled. * Python plugin: pkgconfig is now used to check for python2. This enables the Python plugin (which uses python2) to be built on newer systems which have both python2 and python3. Bug fixes: * bug 3922, 'minimize to tray on startup not working' * bug 4220, 'generates files in cache without content' * bug 4325, 'Following redirects when retrieving image' * bug 4342, 'Import mbox file command doesn't work twice on a row' * fix STARTTLS protocol violation * fix initial debug line * fix fat-fingered crash when v (hiding msgview) is pressed just before c (check signature) * fix non-translation of some Templates strings - Update to 3.17.5 + Inline Git patches now have colour syntax highlighting The colours of these, and patch attachments, are configurable on the 'Other' tab of the Display/Colors page of the general preferences. + The previously hidden preference, 'summary_from_show', is now configurable within the UI, on the 'Message List' tab of the Display/Summaries page of the general preferences, 'Displayed in From column [ ]'. + 'Re-edit' has been added to the message context menu when in the Drafts folder. + Additional Date header formats are supported: - weekday, month, day, hh, mm, ss, year, zone - weekday, month, day, hh, mm, ss, year + LiteHtml viewer plugin: scrolling with the keyboard has been implemented. + The included tools/scripts have been updated: - eud2gc.py converted to Python 3 - tbird2claws.py converted to Python 3 - tbird2claws.py converted to Python 3 - google_search.pl has been replaced with ddg_search.pl (that is, duckduckgo.com instead of google.com) - fix_date.sh and its documentation have been updated - multiwebsearch.pl 'fm' (freshmeat.net) has been removed; 'google' has been replaced by 'ddg' - the outdated OOo2claws-mail.pl script has been removed + Updated manuals + Updated translations: British English, Catalan, Czech, Danish, Dutch, French, German, Russian, Slovak, Spanish, Swedish, Traditional Chinese, Turkish + bug fixes: claws#2131, claws#4237, claws#4239, claws#4248, claws#4253, claws#4257, claws#4277, claws#4278, claws#4305 + Misc bugs fixed: - Fix crash in litehtml_viewer when tag has no href - removed 'The following file has been attached...' dialogue - MBOX import: give a better estimation of the time left and grey out widgets while importing - Fixed 'vcard.c:238:2: warning: ‘strncpy’ output truncate before terminating nul copying as many bytes from a string as its length' - RSSyl: Fix handling deleted feed items where modified and published dates do not match - fix bolding of target folder - when creating a new account, don't pre-fill data from the default account - respect 'default selection' settings when moving a msg with manual filtering - Fix printing of empty pages when the selected part is rendered with a plugin not implementing print - Addressbook folder selection dialogs: make sure folder list is sorted and apply global prefs to get stripes in lists. - when user cancels the GPG signing passphrase dialogue, don't bother the user with an 'error' dialogue - Fix imap keyword search. Libetpan assumes keyword search is a MUST but RFC states it is a MAY. Fix advanced search on MS Exchange - fix SHIFT+SPACE in msg list, moving in reverse - revert pasting images as attachments - Fix help about command-line arguments that require a parameter. - Printing: only print as plain text if the part is of type text - fix a segfault with default info icon when trying to print a non-text part. - Add a test on build-time libetpan version to require the proper version at run-time (boo#1157594) - Move 'Mark all read/unread' menu entries where they belong. remove-MarkAll-from-message-menu.patch (claws#4278) add-MarkAll-to-folder-menu.patch (claws#4278) - Make litehtml plugin build on Tumbleweed. - Update to 3.17.4: * New HTML viewer plugin: Litehtml viewer * Added option 'Enable keyboard shortcuts' to the 'Keyboard shortcuts' frame on /Configuration/Preferences/Other/Miscellaneous * Compose: implemented copying of attached images to clipboard * Compose: images and text/uri-list (files) can now be attached by pasting into the Compose window * Python plugin: window sizes are now remembered for the Python console, the 'Open URLs' and the 'Set mailbox order' windows. * Fancy plugin: the download-link feature now follows redirections * MBOX export: the Enter key in the dialogue now starts the export * The date (ISO format) has been added to log timestamps * Update translations - bug 1920, 'No automatic NNTP filtering' - bug 2045, 'address book blocks focus on email window' - bug 2131, 'Focus stealing after mail check' - bug 2627, 'Filtering does not work on NNTP' - bug 3070, 'misbehaving text wrapping when URL chars are present' - bug 3838, 'Canceled right-click on message list leaves UI in inconsistent state' - bug 3977, 'Fix crashes when some external APIs fail' - bug 3979, 'Hang (with killing needed) during action which extracts attachments' - bug 4029, 'segfault after deleting message in a window' - bug 4031, 'fingerprint in SSL/TLS certificates for ... (regress error)' - bug 4037, 'Fix some small issues' - bug 4142, 'Translation error on Russian' - bug 4145, 'proxy server for sending doesn't work' - bug 4155, 'remember directory of last saving' - bug 4166, 'corrupted double-linked list' - bug 4167, 'Max line length exceeded when forwarding mail' - bug 4188, 'STL file is sent not as an attachment but as its base64 representation in plaintext' - CID 1442278, 'impossible to trigger buffer overflow' - Make key accelerators from menu work in addressbook window - save checkbox choices of display/summaries/defaults prefs - Do not throw an error when cancelling 'Save email as...'. - occasional crash on drag'n'drop of msgs - possible stack overflow in vcalendar's Curl data handler - crash when LDAP address source is defined in index, but - support is disabled - crash in Fancy plugin if one of the MIME parts has no - -ID - a few small memory leaks in scan_mailto_url() - configure script for rare cases where python is not installed - incorrect charset conversion in sc_html_read_line(). - markup in 'key not fully trusted' warning in pgpcore - use after free in rare code path in rssyl_subscribe() - several memory leaks - verify_folderlist_xml() for fresh starts - printf formats for size_t and goffset arguments. - alertpanel API use in win32 part of mimeview.c - pid handling in debug output of kill_children_cb() - incorrect pointer arithmetic in w32_filesel.c
Patchnames
openSUSE-2020-1822
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for claws-mail",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for claws-mail fixes the following issues:\n\n- Additional cleanup of the template handling\n\nclaws-mail was updated to 3.17.8 (boo#1177967)\n\n  * Shielded template\u0027s |program{} and |attach_program{} so that the\n    command-line that is executed does not allow sequencing such as\n    with \u0026\u0026 || ;, preventing possible execution of nasty, or at least\n    unexpected, commands\n  * bug fixes: claws#4376\n  * updated English, French, and Spanish manuals\n\n- Update to 3.17.7 \n\n  * Image Viewer: Image attachments, when displayed, are now resized\n    to fit the available width rather than the available height.\n  * -d is now an alias to --debug.\n  * Libravatar plugin: New styles supported: Robohash and Pagan.\n  * SpamAssassin plugin: The \u0027Maximum size\u0027 option now matches\n    SpamAssassin\u0027s maximum; it can now handle messages up to 256MB.\n  * LiteHTML viewer plugin: The UI is now translatable.\n  Bug fixes:\n  * bug 4313, \u0027Recursion stack overflow with rebuilding folder\n    tree\u0027\n  * bug 4372, \u0027[pl_PL] Crash after \u0027Send later\u0027 without\n    recipient and then \u0027Close\u0027\u0027\n  * bug 4373, \u0027attach mailto URI double free\u0027\n  * bug 4374, \u0027insert mailto URI misses checks\u0027\n  * bug 4384, \u0027U+00AD (soft hyphen) changed to space in\n    Subject\u0027\n  * bug 4386, \u0027Allow Sieve config without userid without\n    warning\u0027\n  * Add missing SSL settings when cloning accounts.\n  * Parsing of command-line arguments.\n  * PGP Core plugin: fix segv in address completion with a\n    keyring.\n  * Libravatar plugin: fixes to image display.\n\n- Disable python-gtk plugin on suse_version \u003e 1500: still relying\n  on python2, which is EOL.\n\n- Update to 3.17.6:\n\n  * It is now possible to \u0027Inherit Folder properties and processing\n    rules from parent folder\u0027 when creating new folders with the\n    move message and copy message dialogues.\n  * A Phishing warning is now shown when copying a phishing URL, (in\n    addition to clicking a phishing URL).\n  * The progress window when importing an mbox file is now more\n    responsive.\n  * A warning dialogue is shown if the selected privacy system is\n    \u0027None\u0027 and automatic signing amd/or encrypting is enabled.\n  * Python plugin: pkgconfig is now used to check for python2. This\n    enables the Python plugin (which uses python2) to be built on\n    newer systems which have both python2 and python3.\n  Bug fixes:\n  * bug 3922, \u0027minimize to tray on startup not working\u0027\n  * bug 4220, \u0027generates files in cache without content\u0027\n  * bug 4325, \u0027Following redirects when retrieving image\u0027\n  * bug 4342, \u0027Import mbox file command doesn\u0027t work twice on a row\u0027\n  * fix STARTTLS protocol violation\n  * fix initial debug line\n  * fix fat-fingered crash when v (hiding msgview) is pressed\n    just before c (check signature)\n  * fix non-translation of some Templates strings\n\n\n- Update to 3.17.5\n\n  + Inline Git patches now have colour syntax highlighting\n    The colours of these, and patch attachments, are configurable on\n    the \u0027Other\u0027 tab of the Display/Colors page of the general\n    preferences.\n  + The previously hidden preference, \u0027summary_from_show\u0027, is now\n    configurable within the UI, on the \u0027Message List\u0027 tab of the\n    Display/Summaries page of the general preferences, \u0027Displayed in\n    From column [ ]\u0027.\n  + \u0027Re-edit\u0027 has been added to the message context menu when in the\n    Drafts folder.\n  + Additional Date header formats are supported:\n    - weekday, month, day, hh, mm, ss, year, zone\n    - weekday, month, day, hh, mm, ss, year\n  + LiteHtml viewer plugin: scrolling with the keyboard has been\n    implemented.\n  + The included tools/scripts have been updated:\n    - eud2gc.py converted to Python 3\n    - tbird2claws.py converted to Python 3\n    - tbird2claws.py converted to Python 3\n    - google_search.pl has been replaced with ddg_search.pl (that is,\n      duckduckgo.com instead of google.com)\n    - fix_date.sh and its documentation have been updated \n    - multiwebsearch.pl \u0027fm\u0027 (freshmeat.net) has been removed; \u0027google\u0027\n      has been replaced by \u0027ddg\u0027\n    - the outdated OOo2claws-mail.pl script has been removed\n  + Updated manuals\n  + Updated translations: British English, Catalan, Czech, Danish,\n    Dutch, French, German, Russian, Slovak, Spanish, Swedish,\n    Traditional Chinese, Turkish\n  + bug fixes: claws#2131, claws#4237, claws#4239, claws#4248, \n    claws#4253, claws#4257, claws#4277, claws#4278, claws#4305\n  + Misc bugs fixed:\n    - Fix crash in litehtml_viewer when  tag has no href\n    - removed \u0027The following file has been attached...\u0027 dialogue\n    - MBOX import: give a better estimation of the time left and\n      grey out widgets while importing\n    - Fixed \u0027vcard.c:238:2: warning: \u2018strncpy\u2019 output truncate \n      before terminating nul copying as many bytes from a string\n      as its length\u0027\n    - RSSyl: Fix handling deleted feed items where modified and\n      published dates do not match \n    - fix bolding of target folder\n    - when creating a new account, don\u0027t pre-fill data from the\n      default account\n    - respect \u0027default selection\u0027 settings when moving a msg with\n      manual filtering\n    - Fix printing of empty pages when the selected part is\n      rendered with a plugin not implementing print\n    - Addressbook folder selection dialogs: make sure folder list\n      is sorted and apply global prefs to get stripes in lists.\n    - when user cancels the GPG signing passphrase dialogue,\n      don\u0027t bother the user with an \u0027error\u0027 dialogue\n    - Fix imap keyword search. Libetpan assumes keyword search is\n      a MUST but RFC states it is a MAY. Fix advanced search on\n      MS Exchange\n    - fix SHIFT+SPACE in msg list, moving in reverse\n    - revert pasting images as attachments\n    - Fix help about command-line arguments that require a\n      parameter.\n    - Printing: only print as plain text if the part is of type\n      text\n    - fix a segfault with default info icon when trying to print\n     a non-text part.\n\n- Add a test on build-time libetpan version to require the proper\n  version at run-time (boo#1157594)\n\n- Move \u0027Mark all read/unread\u0027 menu entries where they belong.\n  remove-MarkAll-from-message-menu.patch (claws#4278)\n  add-MarkAll-to-folder-menu.patch (claws#4278)\n\n- Make litehtml plugin build on Tumbleweed.\n\n- Update to 3.17.4:\n\n  * New HTML viewer plugin: Litehtml viewer\n  * Added option \u0027Enable keyboard shortcuts\u0027 to the \u0027Keyboard\n    shortcuts\u0027 frame on /Configuration/Preferences/Other/Miscellaneous\n  * Compose: implemented copying of attached images to clipboard\n  * Compose: images and text/uri-list (files) can now be attached by\n    pasting into the Compose window\n  * Python plugin: window sizes are now remembered for the Python\n    console, the \u0027Open URLs\u0027 and the \u0027Set mailbox order\u0027 windows.\n  * Fancy plugin: the download-link feature now follows redirections\n  * MBOX export: the Enter key in the dialogue now starts the export\n  * The date (ISO format) has been added to log timestamps\n  * Update translations\n    - bug 1920, \u0027No automatic NNTP filtering\u0027\n    - bug 2045, \u0027address book blocks focus on email window\u0027\n    - bug 2131, \u0027Focus stealing after mail check\u0027\n    - bug 2627, \u0027Filtering does not work on NNTP\u0027\n    - bug 3070, \u0027misbehaving text wrapping when URL chars are present\u0027\n    - bug 3838, \u0027Canceled right-click on message list leaves UI\n      in inconsistent state\u0027\n    - bug 3977, \u0027Fix crashes when some external APIs fail\u0027\n    - bug 3979, \u0027Hang (with killing needed) during action which\n      extracts attachments\u0027\n    - bug 4029, \u0027segfault after deleting message in a window\u0027\n    - bug 4031, \u0027fingerprint in SSL/TLS certificates for ...\n      (regress error)\u0027\n    - bug 4037, \u0027Fix some small issues\u0027\n    - bug 4142, \u0027Translation error on Russian\u0027\n    - bug 4145, \u0027proxy server for sending doesn\u0027t work\u0027\n    - bug 4155, \u0027remember directory of last saving\u0027\n    - bug 4166, \u0027corrupted double-linked list\u0027\n    - bug 4167, \u0027Max line length exceeded when forwarding mail\u0027\n    - bug 4188, \u0027STL file is sent not as an attachment but as its\n      base64 representation in plaintext\u0027\n    - CID 1442278, \u0027impossible to trigger buffer overflow\u0027\n    - Make key accelerators from menu work in addressbook window\n    - save checkbox choices of display/summaries/defaults prefs\n    - Do not throw an error when cancelling \u0027Save email as...\u0027.\n    - occasional crash on drag\u0027n\u0027drop of msgs\n    - possible stack overflow in vcalendar\u0027s Curl data handler\n    - crash when LDAP address source is defined in index, but\n    - support is disabled\n    - crash in Fancy plugin if one of the MIME parts has no\n    - -ID\n    - a few small memory leaks in scan_mailto_url()\n    - configure script for rare cases where python is not\n      installed\n    - incorrect charset conversion in sc_html_read_line().\n    - markup in \u0027key not fully trusted\u0027 warning in pgpcore\n    - use after free in rare code path in rssyl_subscribe()\n    - several memory leaks\n    - verify_folderlist_xml() for fresh starts\n    - printf formats for size_t and goffset arguments.\n    - alertpanel API use in win32 part of mimeview.c\n    - pid handling in debug output of kill_children_cb()\n    - incorrect pointer arithmetic in w32_filesel.c\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2020-1822",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1822-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2020:1822-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TJZJ7GCA3H35VDJV4TSCXVOQHIMHDZYO/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2020:1822-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TJZJ7GCA3H35VDJV4TSCXVOQHIMHDZYO/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1157594",
        "url": "https://bugzilla.suse.com/1157594"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1177967",
        "url": "https://bugzilla.suse.com/1177967"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-15917 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-15917/"
      }
    ],
    "title": "Security update for claws-mail",
    "tracking": {
      "current_release_date": "2020-11-02T23:25:05Z",
      "generator": {
        "date": "2020-11-02T23:25:05Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2020:1822-1",
      "initial_release_date": "2020-11-02T23:25:05Z",
      "revision_history": [
        {
          "date": "2020-11-02T23:25:05Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "claws-mail-3.17.8-bp152.3.6.1.aarch64",
                "product": {
                  "name": "claws-mail-3.17.8-bp152.3.6.1.aarch64",
                  "product_id": "claws-mail-3.17.8-bp152.3.6.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
                "product": {
                  "name": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
                  "product_id": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
                "product": {
                  "name": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
                  "product_id": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "claws-mail-3.17.8-bp152.3.6.1.ppc64le",
                "product": {
                  "name": "claws-mail-3.17.8-bp152.3.6.1.ppc64le",
                  "product_id": "claws-mail-3.17.8-bp152.3.6.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
                "product": {
                  "name": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
                  "product_id": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "claws-mail-3.17.8-bp152.3.6.1.s390x",
                "product": {
                  "name": "claws-mail-3.17.8-bp152.3.6.1.s390x",
                  "product_id": "claws-mail-3.17.8-bp152.3.6.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
                "product": {
                  "name": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
                  "product_id": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "claws-mail-3.17.8-bp152.3.6.1.x86_64",
                "product": {
                  "name": "claws-mail-3.17.8-bp152.3.6.1.x86_64",
                  "product_id": "claws-mail-3.17.8-bp152.3.6.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
                "product": {
                  "name": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
                  "product_id": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP1",
                "product": {
                  "name": "SUSE Package Hub 15 SP1",
                  "product_id": "SUSE Package Hub 15 SP1"
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP2",
                "product": {
                  "name": "SUSE Package Hub 15 SP2",
                  "product_id": "SUSE Package Hub 15 SP2"
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.1",
                "product": {
                  "name": "openSUSE Leap 15.1",
                  "product_id": "openSUSE Leap 15.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.2",
                "product": {
                  "name": "openSUSE Leap 15.2",
                  "product_id": "openSUSE Leap 15.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.aarch64 as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.aarch64"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.ppc64le as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.ppc64le"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.s390x as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.s390x"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.x86_64 as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.x86_64"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64 as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.s390x"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64 as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:claws-mail-lang-3.17.8-bp152.3.6.1.noarch"
        },
        "product_reference": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.aarch64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.aarch64"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.ppc64le as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.ppc64le"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.s390x as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.s390x"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.x86_64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.x86_64"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.s390x"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:claws-mail-lang-3.17.8-bp152.3.6.1.noarch"
        },
        "product_reference": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.aarch64 as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.aarch64"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.ppc64le as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.ppc64le"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.s390x as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.s390x"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.x86_64 as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.x86_64"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64 as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.s390x"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64 as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:claws-mail-lang-3.17.8-bp152.3.6.1.noarch"
        },
        "product_reference": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.aarch64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.aarch64"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.ppc64le as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.ppc64le"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.s390x as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.s390x"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-3.17.8-bp152.3.6.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.x86_64"
        },
        "product_reference": "claws-mail-3.17.8-bp152.3.6.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.s390x"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64"
        },
        "product_reference": "claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:claws-mail-lang-3.17.8-bp152.3.6.1.noarch"
        },
        "product_reference": "claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-15917",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-15917"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.aarch64",
          "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
          "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.s390x",
          "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.x86_64",
          "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
          "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
          "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
          "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
          "SUSE Package Hub 15 SP1:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
          "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.aarch64",
          "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
          "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.s390x",
          "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.x86_64",
          "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
          "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
          "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
          "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
          "SUSE Package Hub 15 SP2:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
          "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.aarch64",
          "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
          "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.s390x",
          "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.x86_64",
          "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
          "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
          "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
          "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
          "openSUSE Leap 15.1:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
          "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.aarch64",
          "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
          "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.s390x",
          "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.x86_64",
          "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
          "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
          "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
          "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
          "openSUSE Leap 15.2:claws-mail-lang-3.17.8-bp152.3.6.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-15917",
          "url": "https://www.suse.com/security/cve/CVE-2020-15917"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1174457 for CVE-2020-15917",
          "url": "https://bugzilla.suse.com/1174457"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.aarch64",
            "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
            "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.s390x",
            "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.x86_64",
            "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
            "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
            "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
            "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
            "SUSE Package Hub 15 SP1:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
            "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.aarch64",
            "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
            "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.s390x",
            "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.x86_64",
            "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
            "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
            "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
            "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
            "SUSE Package Hub 15 SP2:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
            "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.aarch64",
            "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
            "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.s390x",
            "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.x86_64",
            "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
            "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
            "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
            "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
            "openSUSE Leap 15.1:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
            "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.aarch64",
            "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
            "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.s390x",
            "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.x86_64",
            "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
            "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
            "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
            "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
            "openSUSE Leap 15.2:claws-mail-lang-3.17.8-bp152.3.6.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.aarch64",
            "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
            "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.s390x",
            "SUSE Package Hub 15 SP1:claws-mail-3.17.8-bp152.3.6.1.x86_64",
            "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
            "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
            "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
            "SUSE Package Hub 15 SP1:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
            "SUSE Package Hub 15 SP1:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
            "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.aarch64",
            "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
            "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.s390x",
            "SUSE Package Hub 15 SP2:claws-mail-3.17.8-bp152.3.6.1.x86_64",
            "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
            "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
            "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
            "SUSE Package Hub 15 SP2:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
            "SUSE Package Hub 15 SP2:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
            "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.aarch64",
            "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
            "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.s390x",
            "openSUSE Leap 15.1:claws-mail-3.17.8-bp152.3.6.1.x86_64",
            "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
            "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
            "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
            "openSUSE Leap 15.1:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
            "openSUSE Leap 15.1:claws-mail-lang-3.17.8-bp152.3.6.1.noarch",
            "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.aarch64",
            "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.ppc64le",
            "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.s390x",
            "openSUSE Leap 15.2:claws-mail-3.17.8-bp152.3.6.1.x86_64",
            "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.aarch64",
            "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.ppc64le",
            "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.s390x",
            "openSUSE Leap 15.2:claws-mail-devel-3.17.8-bp152.3.6.1.x86_64",
            "openSUSE Leap 15.2:claws-mail-lang-3.17.8-bp152.3.6.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-11-02T23:25:05Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2020-15917"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…