[Users] Claws for windows contains vulnerable libraries

marlene.pratt at hushmail.com marlene.pratt at hushmail.com
Tue Nov 26 22:47:07 CET 2013


Hi,

This has nothing to do with the linux version of claws, since libraries are updated separately by the linux distribution to include security updates.

I noticed that several of the DLLs included with the windows version of claws are severely outdated and contain security vulnerabilities - for example the libraries that provide curl, gnupg, png, gnutls and zlib have had security vulnerability fixes that are not included in the distribution of claws for windows.

There are also some other libraries that have outdated versions.

Since this is something that has nothing to do with the source code and is related to the build environment, there is no patch that I can submit - I can however provide some advice if you need it.




More information about the Users mailing list