evolution-data-server (3.18.5-1ubuntu1.3) xenial-security; urgency=medium
* SECURITY UPDATE: STARTTLS response injection
- debian/patches/CVE-2020-14928-1.patch: truncate cached data in
camel/camel-stream-buffer.c, camel/camel-stream-buffer.h,
camel/providers/pop3/camel-pop3-store.c,
camel/providers/pop3/camel-pop3-stream.c,
camel/providers/pop3/camel-pop3-stream.h,
camel/providers/smtp/camel-smtp-transport.c.
- debian/patches/CVE-2020-14928-2.patch: rename function in
camel/camel-stream-buffer.c, camel/camel-stream-buffer.h,
camel/providers/pop3/camel-pop3-store.c,
camel/providers/pop3/camel-pop3-stream.c,
camel/providers/pop3/camel-pop3-stream.h,
camel/providers/smtp/camel-smtp-transport.c.
- debian/libcamel-1.2-54.symbols: added new symbol.
- CVE-2020-14928
Date: 2020-07-08 16:49:13.855217+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/evolution-data-server/3.18.5-1ubuntu1.3
Sorry, changesfile not available.
--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes