1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4725-1] evolution-data-server security update

    From Moritz Muehlenhoff@1:229/2 to All on Wed Jul 15 22:50:02 2020
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4725-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    July 15, 2020 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : evolution-data-server
    CVE ID : CVE-2020-14928

    Damian Poddebniak and Fabian Ising discovered a response injection vulnerability in Evolution data server, which could enable MITM
    attacks.

    For the stable distribution (buster), this problem has been fixed in
    version 3.30.5-1+deb10u1.

    We recommend that you upgrade your evolution-data-server packages.

    For the detailed security status of evolution-data-server please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/evolution-data-server

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8PaKsACgkQEMKTtsN8 TjYLmg//WHM79x5dSymzSA2l/jUKxEdmTZlo9w64qXj9dR+8rsVfTZb9UgyMLPn2 0+U8xc6Yby3VBxv+6VyEnS1ToMvrpVKrjIBikMFPKbfnXfZGKkulB3hxRZDshJNA bkgAtAnZsrjPj4aMKkRByq7lJ53NvfS18J+21NP1G7QNxx6lvL2tvlOCqv+VYqaW NPVtJa7rF7GHWzk87rsAD4aKyrYlAPmtgB4yJIbI+bqWgObZG8Kra1uLkWe96Cgc Abi0G8xz0K8FXVOSnwJkphWsVp+YaITOhVnb/D3C3j3e6UX3H5OXDMrmodQrX1eE ZRNHWr2XjL3WWaOIeWYXr8CLwecE/kqtDCuSg2/RVL9QbIlXuOM3+uWwlSpWo5S+ gLjnKgamnnYaqZ1hv9YT+aCdI8HoFPSNeFq+esJyZ/rVnDKK9WwUr+20wDo8Oian GXtffEGjOnEPc2JiI1OSDwbeSR5vHD4m+L6/1IX/QI7jpu6MoGlgBxcq0lyuXRnN dg/U9nkFoG+QaJbLt34tLG/DV+c6mZrCOVYvrOuVuD3YqM7uJBmQ7XGlGJfU7PsU G+3FiOLmBt6M5FhEhphXV0S9Oh1PkNaBR/8MMJJjPACk4nMsrAyZoyqc50b5ehzH /w/ctYugXMHdoZVmC4HX6e7vKJYFNqsp/q4IKI+l7MA30qHNawU=
    =ZEAL
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)