{"affected":[{"ecosystem_specific":{"binaries":[{"claws-mail":"3.17.6-lp152.3.3.1","claws-mail-devel":"3.17.6-lp152.3.3.1","claws-mail-lang":"3.17.6-lp152.3.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"claws-mail","purl":"pkg:rpm/opensuse/claws-mail&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.17.6-lp152.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for claws-mail fixes the following issues:\n\n- Update to 3.17.6:\n * It is now possible to 'Inherit Folder properties and processing\n   rules from parent folder' when creating new folders with the\n   move message and copy message dialogues.\n * A Phishing warning is now shown when copying a phishing URL, (in\n   addition to clicking a phishing URL).\n * The progress window when importing an mbox file is now more\n   responsive.\n * A warning dialogue is shown if the selected privacy system is\n   'None' and automatic signing amd/or encrypting is enabled.\n * Python plugin: pkgconfig is now used to check for python2. This\n   enables the Python plugin (which uses python2) to be built on\n   newer systems which have both python2 and python3.\n- CVE-2020-15917: Fixed an improper handling of suffix data after STARTTLS is mishandled (boo#1174457).\n","id":"openSUSE-SU-2020:1139-1","modified":"2020-08-03T12:23:30Z","published":"2020-08-03T12:23:30Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2VZI6IM4FOADBLISYX3SV7H6LHDM5EBO/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1174457"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-15917"}],"related":["CVE-2020-15917"],"summary":"Security update for claws-mail","upstream":["CVE-2020-15917"]}