Home / mailings [USN-7732-1] KMail Account Wizard vulnerability
Posted on 03 September 2025
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7732-1
September 02, 2025
kmail-account-wizard vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
KMail Account Wizard uses an insecure protocol.
Software Description:
- kmail-account-wizard: Wizard for KDE PIM applications account setup
Details:
It was discovered that KMail Account Wizard used HTTP rather than HTTPS
when retrieving certain email server configurations. An attacker could
possibly use this issue to cause email clients to use an
attacker-controlled email server.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
accountwizard 4:23.08.5-0ubuntu3+esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
accountwizard 4:21.12.3-0ubuntu1+esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
accountwizard 4:19.12.3-0ubuntu1+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
accountwizard 4:17.12.3-0ubuntu1+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7732-1
CVE-2024-50624
--===============6680575593744343373==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
