[Users] Claws for windows contains vulnerable libraries
Brian Morrison
bdm at fenrir.org.uk
Fri Nov 29 18:07:58 CET 2013
On Fri, 29 Nov 2013 10:58:22 +0100
Colin Leroy wrote:
> On Wed, 27 Nov 2013 10:06:40 +0100, Colin Leroy <colin at colino.net>
> wrote:
>
> Hi,
>
> > > I noticed that several of the DLLs included with the windows
> > > version of claws are severely outdated and contain security
> > > vulnerabilities
> > > - for example the libraries that provide curl, gnupg, png, gnutls
> > > and zlib have had security vulnerability fixes that are not
> > > included in the distribution of claws for windows.
> >
> > Indeed, an update of these libs is far overdue. I'll try to find
> > time to do it ASAP...
>
> This is now done! I haven't updated libpng, though, because it is the
> up-to-date version of 1.4.x branch and it's not vulnerable from what
> I've read on the website.
>
> HTH,
Thanks for this Colin, of course it also bakes in all those handy git
commits too :)
--
Brian Morrison
More information about the Users
mailing list