evolution, evolution-data-server, evolution-ews bug fix and enhancement update

An update is available for evolution, evolution-ews, evolution-mapi, evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed...

NewStart CGSL MAIN 6.02 : evolution-data-server Vulnerability (NS-SA-2021-0128)

The remote NewStart CGSL host, running version MAIN 6.02, has evolution-data-server packages installed that are affected by a vulnerability: - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads...

Advisory ROSA-SA-2021-1831

Software: evolution-data-server 3.28.5 OS: Cobalt 7.9 CVE-ID: CVE-2020-14928 CVE-Crit: MEDIUM CVE-DESC: From evolution-data-server eds to 3.36.3 there is an issue with STARTTLS buffering that affects SMTP and POP3. When the server sends a "start TLS" response, eds reads additional data and...

SUSE: Security Advisory (SUSE-SU-2014:1519-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : evolution (ELSA-2021-1752)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1752 advisory. - Resolves: 1862403 CVE-2020-16117: Crash on malformed server response with minimal capabilities evolution-ews Tenable has extracted the preceding description...

Denial Of Service (DoS)

evolution-data-server is vulnerable to denial of service DoS. The vulnerability exists through a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt...

CentOS 8 : evolution (CESA-2021:1752)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1752 advisory. - evolution-data-server: NULL pointer dereference related to imapxfreecapability and imapxconnecttoserver CVE-2020-16117 Note that Nessus has not tested for thi...

evolution-data-server: NULL pointer dereference related to imapx_free_capability and imapx_connect_to_server

A NULL pointer dereference flaw was found in the GNOME evolution-data-server when a mail client parses invalid messages from a malicious server. This flaw allows an attacker who controls a mail server the ability to crash the mail clients. The highest threat from this vulnerability is to system...

evolution security, bug fix, and enhancement update

An update is available for evolution, evolution-ews, evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Evolution is a GNOME application that...

ALSA-2021:1752 Low: evolution security, bug fix, and enhancement update

Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...

Huawei EulerOS: Security Advisory for evolution-data-server (EulerOS-SA-2021-1780)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : evolution-data-server (EulerOS-SA-2021-1780)

According to the version of the evolution-data-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a 'begin TLS...

openSUSE: Security Advisory for evolution-data-server (openSUSE-SU-2021:0482-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : evolution-data-server (openSUSE-2021-482)

This update for evolution-data-server fixes the following issues : - CVE-2020-16117: Fix crash on malformed server response with minimal capabilities bsc1174712. - CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 bsc1173910. - Fix buffer overrun when parsing base64 data bsc1182882...

OPENSUSE-SU-2021:0482-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - CVE-2020-16117: Fix crash on malformed server response with minimal capabilities bsc1174712. - CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 bsc1173910. - Fix buffer overrun when parsing base64 data bsc1182882...

Security update for evolution-data-server (moderate)

openSUSE Security Update: Security update for evolution-data-server Announcement ID: openSUSE-SU-2021:0482-1 Rating: moderate References: 1173910 1174712 1182882 Cross-References: CVE-2020-14928 CVE-2020-16117 CVSS scores: CVE-2020-14928 NVD : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N...

SUSE-SU-2021:0949-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - CVE-2020-16117: Fix crash on malformed server response with minimal capabilities bsc1174712. - CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 bsc1173910. - Fix buffer overrun when parsing base64 data bsc1182882...

[SECURITY] Fedora 34 Update: gnome-calendar-40~rc-1.fc34

Calendar is a simple and beautiful calendar application designed to fit GNOME 3. Features: Week, month and year views Basic editing of events Evolution Data Server integration Search support...

[SECURITY] Fedora 34 Update: evolution-data-server-3.39.3-1.fc34

The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...

Fedora: Security Advisory for evolution-data-server (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...