Your message dated Fri, 19 Jul 2019 22:22:22 +0000 with message-id <e1hobgg-0008tu...@fasolo.debian.org> and subject line Bug#926712: fixed in evolution-ews 3.30.5-1.1 has caused the Debian Bug report #926712, regarding evolution-ews: CVE-2019-3890 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 926712: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926712 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: evolution-ews Version: 3.30.5-1 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for evolution-ews. CVE-2019-3890[0]: No description was found (try on a search engine) If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-3890 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3890 https://gitlab.gnome.org/GNOME/evolution-ews/issues/27 https://gitlab.gnome.org/GNOME/evolution-ews/issues/36 https://bugzilla.redhat.com/show_bug.cgi?id=1678313 Note: depends on evolution-data-server patch Cheers! Sylvain Beucler / Debian LTS
--- End Message ---
--- Begin Message ---Source: evolution-ews Source-Version: 3.30.5-1.1 We believe that the bug you reported is fixed in the latest version of evolution-ews, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 926...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Luca Boccassi <bl...@debian.org> (supplier of updated evolution-ews package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 02 Apr 2019 17:56:27 +0100 Source: evolution-ews Architecture: source Version: 3.30.5-1.1 Distribution: unstable Urgency: medium Maintainer: Debian GNOME Maintainers <pkg-gnome-maintain...@lists.alioth.debian.org> Changed-By: Luca Boccassi <bl...@debian.org> Closes: 926249 926712 Changes: evolution-ews (3.30.5-1.1) unstable; urgency=medium . * Non-maintainer upload. * Backport patch to fix Office365 with OAuth2 (Closes: #926249) * Backport patch to fix CVE-2019-3890 - SSL certificates not being validated before use. Bump dependency on libedataserver1.2-dev to >= 3.30.5-1.1~ as the fix requires a change in that library. (Closes: #926712) Checksums-Sha1: 5bcc3b4c8f502eaa7aa3d695bff0523aec237d4d 2169 evolution-ews_3.30.5-1.1.dsc 1dbed5d69f7e3a8591901fee367bde2d42eb562e 11952 evolution-ews_3.30.5-1.1.debian.tar.xz 4d510b851bd69786af256e99bdf9ea84c5e1dfcd 22791 evolution-ews_3.30.5-1.1_source.buildinfo Checksums-Sha256: 98900771ddd588f0f9f232e8c8e32401d0907cef31f53e3a3df94746964c9d77 2169 evolution-ews_3.30.5-1.1.dsc 098e74dd97e6a139aa38bdd3808ed374a846077ca504b1b49350a91c95db7dbe 11952 evolution-ews_3.30.5-1.1.debian.tar.xz 19ac233de8588fc8a9653d7cd7de2c0926d748952d6c72f625a5fb69c5e874db 22791 evolution-ews_3.30.5-1.1_source.buildinfo Files: bc47a8dd124f381a20967a0c395eedf6 2169 gnome optional evolution-ews_3.30.5-1.1.dsc f58f85e765dcdd789a0217dd304090d2 11952 gnome optional evolution-ews_3.30.5-1.1.debian.tar.xz 435ee37a9d5c2a5196b660f04113b01d 22791 gnome optional evolution-ews_3.30.5-1.1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQFFBAEBCgAvFiEE6g0RLAGYhL9yp9G8SylmgFB4UWIFAl0o+RIRHGJsdWNhQGRl Ymlhbi5vcmcACgkQSylmgFB4UWKdwwf+MbEVMivphiQACFxxu1N+/MA6eBCS+IRP /Y/O9WcI7V7nbYLkjLGmjDe+LxCNIVwONwQNkQTAIG+2k6aPXiJO1US3t181AH7T /6BurG6NSR8etwNNwjc/oCgHGqxTwZyAn8gV2pcsFgwr+mIeeXfzmvvDVk2oY1Xd KhoLZyQ2nhoZmjiBMPHZ239UdmtmMkslowVfHf1inftQzQX/yQBv+n/CeexpnM1X kllY7r3i0qBIzKo4awoqE9ZRT6uuWBTN+pYZnf4gEB+DxzE5YAwK/2NSGz4OaULN IJrCOBMfqNlcMl7EYRK6RMnX/gtipxHrmgf+hH30rPJw7WQyg7yC1w== =hoYm -----END PGP SIGNATURE-----
--- End Message ---
