[ubuntu/xenial-security] evolution-data-server 3.18.5-1ubuntu1.3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jul 22 11:57:17 UTC 2020
evolution-data-server (3.18.5-1ubuntu1.3) xenial-security; urgency=medium
* SECURITY UPDATE: STARTTLS response injection
- debian/patches/CVE-2020-14928-1.patch: truncate cached data in
camel/camel-stream-buffer.c, camel/camel-stream-buffer.h,
camel/providers/pop3/camel-pop3-store.c,
camel/providers/pop3/camel-pop3-stream.c,
camel/providers/pop3/camel-pop3-stream.h,
camel/providers/smtp/camel-smtp-transport.c.
- debian/patches/CVE-2020-14928-2.patch: rename function in
camel/camel-stream-buffer.c, camel/camel-stream-buffer.h,
camel/providers/pop3/camel-pop3-store.c,
camel/providers/pop3/camel-pop3-stream.c,
camel/providers/pop3/camel-pop3-stream.h,
camel/providers/smtp/camel-smtp-transport.c.
- debian/libcamel-1.2-54.symbols: added new symbol.
- CVE-2020-14928
Date: 2020-07-08 16:49:13.855217+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/evolution-data-server/3.18.5-1ubuntu1.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list