UbuntuUpdates.org

Package "evolution-data-server"

Name: evolution-data-server

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • evolution database server (transitional package)
  • Installed tests for the evolution database backend server

Latest version: 3.28.5-0ubuntu0.18.04.3
Release: bionic (18.04)
Level: updates
Repository: universe

Links



Other versions of "evolution-data-server" in Bionic

Repository Area Version
base main 3.28.1-1ubuntu1
base universe 3.28.1-1ubuntu1
security universe 3.28.5-0ubuntu0.18.04.3
security main 3.28.5-0ubuntu0.18.04.3
updates main 3.28.5-0ubuntu0.18.04.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.28.5-0ubuntu0.18.04.3 2020-07-22 14:06:25 UTC

  evolution-data-server (3.28.5-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: STARTTLS response injection
    - debian/patches/CVE-2020-14928-1.patch: truncate cached data in
      src/camel/camel-stream-buffer.c, src/camel/camel-stream-buffer.h,
      src/camel/providers/pop3/camel-pop3-store.c,
      src/camel/providers/pop3/camel-pop3-stream.c,
      src/camel/providers/pop3/camel-pop3-stream.h,
      src/camel/providers/smtp/camel-smtp-transport.c.
    - debian/patches/CVE-2020-14928-2.patch: rename function in
      src/camel/camel-stream-buffer.c, src/camel/camel-stream-buffer.h,
      src/camel/providers/pop3/camel-pop3-store.c,
      src/camel/providers/pop3/camel-pop3-stream.c,
      src/camel/providers/pop3/camel-pop3-stream.h,
      src/camel/providers/smtp/camel-smtp-transport.c.
    - debian/libcamel-1.2-61.symbols: added new symbol.
    - CVE-2020-14928

 -- Marc Deslauriers <email address hidden> Wed, 08 Jul 2020 09:48:03 -0400

Source diff to previous version
CVE-2020-14928 evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds

Version: 3.28.5-0ubuntu0.18.04.2 2019-05-30 13:07:06 UTC

  evolution-data-server (3.28.5-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: GPG email signature spoofing
    - debian/patches/CVE-2018-15587-1.patch: Add more strict parsing for
      output from gpg in src/camel/camel-gpg-context.c to ensure signatures
      cannot be spoofed
    - debian/patches/CVE-2018-15587-2.patch: Ensure decrypted output is
      not truncated in src/camel/camel-gpg-context.c
    - debian/patches/CVE-2018-15587-3.patch: Fix incomplete upstream patch in
      src/camel/camel-gpg-context.c to ensure the entire message is read

 -- Alex Murray <email address hidden> Tue, 28 May 2019 17:02:50 +0930

Source diff to previous version
CVE-2018-15587 GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a va

Version: 3.28.5-0ubuntu0.18.04.1 2018-09-24 11:06:55 UTC

  evolution-data-server (3.28.5-0ubuntu0.18.04.1) bionic; urgency=medium

  * New upstream release (LP: #1784514)

 -- Jeremy Bicha <email address hidden> Tue, 31 Jul 2018 10:14:54 -0400

Source diff to previous version
1784514 Update evolution-data-server to 3.28.5

Version: 3.28.3-0ubuntu0.18.04.1 2018-07-16 09:06:45 UTC

  evolution-data-server (3.28.3-0ubuntu0.18.04.1) bionic; urgency=medium

  * New upstream version (lp: #1769637)

 -- Sebastien Bacher <email address hidden> Thu, 05 Jul 2018 17:34:36 +0200

1769637 Update evolution-data-server to 3.28.3



About   -   Send Feedback to @ubuntu_updates