It was discovered that Kmail did not adequately prevent execution of arbitrarycode when a user clicked on a URL to an executable within an HTML mail. If auser clicked on a malicious URL and chose to execute the file, a remoteattacker could execute arbitrary code with user privileges. This update changesKMail's behavior to instead launch a helper program to view the file if theuser chooses to execute such a link.
The problem can be corrected by updating your system to the following
To update your system, please follow these instructions:
After a standard system upgrade you need to restart KMail to effectthe necessary changes.