[ubuntu/focal-security] evolution-data-server 3.36.3-0ubuntu1.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jul 22 11:57:15 UTC 2020


evolution-data-server (3.36.3-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: STARTTLS response injection
    - debian/patches/CVE-2020-14928-1.patch: truncate cached data in
      src/camel/camel-stream-buffer.c, src/camel/camel-stream-buffer.h,
      src/camel/providers/pop3/camel-pop3-store.c,
      src/camel/providers/pop3/camel-pop3-stream.c,
      src/camel/providers/pop3/camel-pop3-stream.h,
      src/camel/providers/smtp/camel-smtp-transport.c.
    - debian/patches/CVE-2020-14928-2.patch: rename function in
      src/camel/camel-stream-buffer.c, src/camel/camel-stream-buffer.h,
      src/camel/providers/pop3/camel-pop3-store.c,
      src/camel/providers/pop3/camel-pop3-stream.c,
      src/camel/providers/pop3/camel-pop3-stream.h,
      src/camel/providers/smtp/camel-smtp-transport.c.    
    - debian/libcamel-1.2-62.symbols: added new symbol.  
    - CVE-2020-14928

Date: 2020-07-08 16:36:18.414027+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/evolution-data-server/3.36.3-0ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list