[ubuntu/bionic-security] evolution-data-server 3.28.5-0ubuntu0.18.04.3 (Accepted)

Wed Jul 22 11:57:15 UTC 2020

evolution-data-server (3.28.5-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: STARTTLS response injection
    - debian/patches/CVE-2020-14928-1.patch: truncate cached data in
      src/camel/camel-stream-buffer.c, src/camel/camel-stream-buffer.h,
      src/camel/providers/pop3/camel-pop3-store.c,
      src/camel/providers/pop3/camel-pop3-stream.c,
      src/camel/providers/pop3/camel-pop3-stream.h,
      src/camel/providers/smtp/camel-smtp-transport.c.
    - debian/patches/CVE-2020-14928-2.patch: rename function in
      src/camel/camel-stream-buffer.c, src/camel/camel-stream-buffer.h,
      src/camel/providers/pop3/camel-pop3-store.c,
      src/camel/providers/pop3/camel-pop3-stream.c,
      src/camel/providers/pop3/camel-pop3-stream.h,
      src/camel/providers/smtp/camel-smtp-transport.c.
    - debian/libcamel-1.2-61.symbols: added new symbol.
    - CVE-2020-14928

Date: 2020-07-08 16:43:14.613069+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/evolution-data-server/3.28.5-0ubuntu0.18.04.3
-------------- next part --------------
Sorry, changesfile not available.