[Users] Claws for windows contains vulnerable libraries
Colin Leroy
colin at colino.net
Fri Nov 29 10:58:22 CET 2013
On Wed, 27 Nov 2013 10:06:40 +0100, Colin Leroy <colin at colino.net>
wrote:
Hi,
> > I noticed that several of the DLLs included with the windows version
> > of claws are severely outdated and contain security vulnerabilities
> > - for example the libraries that provide curl, gnupg, png, gnutls
> > and zlib have had security vulnerability fixes that are not
> > included in the distribution of claws for windows.
>
> Indeed, an update of these libs is far overdue. I'll try to find time
> to do it ASAP...
This is now done! I haven't updated libpng, though, because it is the
up-to-date version of 1.4.x branch and it's not vulnerable from what
I've read on the website.
HTH,
--
Colin
More information about the Users
mailing list