UbuntuUpdates.org

Package "libedata-cal2.0-dev"

Name: libedata-cal2.0-dev

Description:

Backend library for evolution calendars (development files)

Latest version: 3.36.3-0ubuntu1.1
Release: focal (20.04)
Level: security
Repository: main
Head package: evolution-data-server
Homepage: https://wiki.gnome.org/Apps/Evolution

Links


Download "libedata-cal2.0-dev"


Other versions of "libedata-cal2.0-dev" in Focal

Repository Area Version
base main 3.36.1-2
updates main 3.36.5-0ubuntu1

Changelog

Version: 3.36.3-0ubuntu1.1 2020-07-22 14:06:27 UTC

  evolution-data-server (3.36.3-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: STARTTLS response injection
    - debian/patches/CVE-2020-14928-1.patch: truncate cached data in
      src/camel/camel-stream-buffer.c, src/camel/camel-stream-buffer.h,
      src/camel/providers/pop3/camel-pop3-store.c,
      src/camel/providers/pop3/camel-pop3-stream.c,
      src/camel/providers/pop3/camel-pop3-stream.h,
      src/camel/providers/smtp/camel-smtp-transport.c.
    - debian/patches/CVE-2020-14928-2.patch: rename function in
      src/camel/camel-stream-buffer.c, src/camel/camel-stream-buffer.h,
      src/camel/providers/pop3/camel-pop3-store.c,
      src/camel/providers/pop3/camel-pop3-stream.c,
      src/camel/providers/pop3/camel-pop3-stream.h,
      src/camel/providers/smtp/camel-smtp-transport.c.
    - debian/libcamel-1.2-62.symbols: added new symbol.
    - CVE-2020-14928

 -- Marc Deslauriers <email address hidden> Wed, 08 Jul 2020 09:44:28 -0400

CVE-2020-14928 evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds



About   -   Send Feedback to @ubuntu_updates