Branch sisyphus update bulletin.

Package evolution updated to version 3.28.3-alt1 for branch sisyphus in task 208603.

Published: 2018-05-27

BDU:2019-02900

Уязвимость почтовой программы Evolution, связанная с некорректной проверкой криптографической подписи OpenPGP, позволяющая нарушителю оказать воздействие на целостность данных

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References:

CVE-2018-15587

Published: 2019-02-11
Modified: 2024-11-21

CVE-2018-15587

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.

Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

References:

Version: 2.1.0

Branch sisyphus update on 2018-06-19

ALT-BU-2018-3314-1

ALT-PU-2018-1911-1

Closed vulnerabilities

BDU:2019-02900

CVE-2018-15587