24 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-14928
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads addition...
Rocky Linux 8 : evolution (RLSA-2020:4649)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:4649 advisory. - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads...
OESA-2022-1785 evolution-data-server security update
The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...
AlmaLinux 8 : evolution (ALSA-2020:4649)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4649 advisory. - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads additiona...
Mageia: Security Advisory (MGASA-2020-0351)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.02 : evolution-data-server Vulnerability (NS-SA-2021-0128)
The remote NewStart CGSL host, running version MAIN 6.02, has evolution-data-server packages installed that are affected by a vulnerability: - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads...
Huawei EulerOS: Security Advisory for evolution-data-server (EulerOS-SA-2021-1780)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : evolution-data-server (EulerOS-SA-2021-1780)
According to the version of the evolution-data-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a 'begin TLS...
openSUSE: Security Advisory for evolution-data-server (openSUSE-SU-2021:0482-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : evolution-data-server (openSUSE-2021-482)
This update for evolution-data-server fixes the following issues : - CVE-2020-16117: Fix crash on malformed server response with minimal capabilities bsc1174712. - CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 bsc1173910. - Fix buffer overrun when parsing base64 data bsc1182882...
Security update for evolution-data-server (moderate)
openSUSE Security Update: Security update for evolution-data-server Announcement ID: openSUSE-SU-2021:0482-1 Rating: moderate References: 1173910 1174712 1182882 Cross-References: CVE-2020-14928 CVE-2020-16117 CVSS scores: CVE-2020-14928 NVD : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N...
EulerOS 2.0 SP2 : evolution-data-server (EulerOS-SA-2021-1293)
According to the versions of the evolution-data-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a 'begin...
CentOS 8 : evolution (CESA-2020:4649)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4649 advisory. - evolution-data-server: Response injection via STARTTLS in SMTP and POP3 CVE-2020-14928 Note that Nessus has not tested for this issue but has instead relied...
evolution security and bug fix update
bogofilter 1.2.5-2 - Bump version to have OSCI/gating tests rerun with updated tests 1.2.5-1 - Resolves: 1836279 Update to 1.2.5 evolution 3.28.5-14 - Related: 1817143 Add a small patch to behave better with WebKitGTK 2.28 3.28.5-13 - Resolves: 1836165 Cannot type the date of a meeting...
ALSA-2020:4649 Low: evolution security and bug fix update
Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...
Low: evolution security and bug fix update
Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...
EulerOS 2.0 SP5 : evolution-data-server (EulerOS-SA-2020-2243)
According to the versions of the evolution-data-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a 'begin...
Fedora 31 : evolution-data-server (2020-45041afb19)
Security fix for CVE-2020-14928 Response Injection via STARTTLS in SMTP and POP3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Debian: Security Advisory (DSA-4725-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-14928
evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...