Denial Of Service (DoS)

evolution is vulnerable to denial of service. It was discovered that Evolution Data Server did not properly validate NTLM NT LAN Manager authentication challenge packets. A malicious server using NTLM authentication could cause an application using Evolution Data Server to disclose portions of it...

CentOS 7 : evolution (RHSA-2020:1080)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1080 advisory. - GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a...

evolution security and bug fix update

atk 2.28.1-2 - Remove patch to fix invalid unref at atkgobjectaccessibleobjectgonecb - Resolves: 1753123 evolution 3.28.5-8 - Update patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-7 - Add patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-6 - Add...

DEBIAN-CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

CVE-2011-3355

evolution-data-server3 3.0.3 through 3.2.1 used insecure non-SSL connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim...

Design/Logic Flaw

evolution-data-server3 3.0.3 through 3.2.1 used insecure non-SSL connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim...

CVE-2011-3355

evolution-data-server3 3.0.3 through 3.2.1 used insecure non-SSL connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim...

CVE-2011-3355

CVE-2011-3355 affects evolution-data-server3 versions 3.0.3 through 3.2.1. The flaw is an insecure non-SSL connection when storing sent email messages into the Sent folder located on a remote server, which could allow an attacker to obtain login credentials. Connected documents corroborate the sa...

evolution security and bug fix update

evolution 3.28.5-9 - Add patch for RH bug 1724984 ECompEditor Ensure attendee changes stored before save 3.28.5-8 - Add patch for RH bug 1724659 Make sure intltool-merge cache is created only once 3.28.5-7 - Add patch for RH bug 1724232 Help Contents F1 has a bad link to GNOME site...

Ubuntu: Security Advisory (USN-3998-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS : Evolution Data Server vulnerability (USN-3998-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3998-1 advisory. Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certa...

USN-3998-1: Evolution Data Server vulnerability

Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certain circumstances, this could result in displaying clear-text portions of encrypted messages as though they were encrypted...

USN-3998-1 evolution-data-server vulnerability

Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certain circumstances, this could result in displaying clear-text portions of encrypted messages as though they were encrypted...

Fedora Update for evolution-data-server FEDORA-2019-3a2cc6a0b9

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 29 : evolution-data-server / evolution-ews (2019-3a2cc6a0b9)

Security fix for CVE-2019-3890 - SSL Certificates are not validated Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

[SECURITY] Fedora 29 Update: evolution-data-server-3.30.5-2.fc29

The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...

Fedora 28 : evolution / evolution-data-server / evolution-ews (2018-1434efb8f3)

Update to 3.28.4 upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

GNOME security, bug fix, and enhancement update

PackageKit 1.1.10-1.0.1 - remove PackageKit-0.3.8-Fedora-Vendor.conf.patch 1.1.10-1 - New upstream release - Resolves: 1576494 accountsservice 0.6.50-2 - Fix user switching Resolves: 1597350 0.6.50-1 - Update to 0.6.50 Related: 1576538 Related: 1596735 Related: 1602918 0.6.49-1 - Update to 0.6.49...