Login
Newsletter
Werbung

Sicherheit: Senden an falschen Empfänger in Evolution
Aktuelle Meldungen Distributionen
Name: Senden an falschen Empfänger in Evolution
ID: USN-1922-1
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04
Datum: Do, 1. August 2013, 08:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4166
Applikationen: Evolution

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--===============1575834952464126845==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="------------enig6355CDD08A90696AF68E9FF1"

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig6355CDD08A90696AF68E9FF1
Content-Type: text/plain; charset=UTF-
Content-Transfer-Encoding: quoted-printable


==========================================================================
Ubuntu Security Notice USN-1922-1
July 31, 2013

evolution-data-server vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Evolution would sometimes encrypt email to the wrong recipient.

Software Description:
- evolution-data-server: Evolution suite data server

Details:

Yves-Alexis Perez discovered that Evolution Data Server did not properly
select GPG recipients. Under certain circumstances, this could result in
Evolution encrypting email to an unintended recipient.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libcamel-1.2-40 3.6.4-0ubuntu1.1

Ubuntu 12.10:
libcamel-1.2-40 3.6.2-0ubuntu0.2

Ubuntu 12.04 LTS:
libcamel-1.2-29 3.2.3-0ubuntu7.1

After a standard system update you need to restart Evolution to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1922-1
CVE-2013-4166

Package Information:
https://launchpad.net/ubuntu/+source/evolution-data-server/3.6.4-0ubuntu1.1
https://launchpad.net/ubuntu/+source/evolution-data-server/3.6.2-0ubuntu0.2
https://launchpad.net/ubuntu/+source/evolution-data-server/3.2.3-0ubuntu7.1





--------------enig6355CDD08A90696AF68E9FF1
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJR+aBBAAoJEFHb3FjMVZVzUSQP/09Nr4vEHydV/7bq8ae8P4mE
RazTCvUDdULKvLZ2tIy2KSkeg8DVVIAP6D7gyZBFzDSK1nCneJpMsly1ixp6Om3V
qOC4WAfBiHa0ns7mlfeL1xT5D8hYnFIqVc5R9rN9igNWIXBJ7F2wqOaKRloeoTLa
F+t6v7w1NTKn39QMSHuMyBCeOrMafM7f0RLiRNr7PbQmx3C/sPS93rrIyhZiEL22
5SspeYguZexRYPqVkfkM7Sb+OzThdotU8dx+2GxkMIUXP85pQHka6ZUg5/q/6gkh
xodcN+Dzox5tX2w+YCrbk1zkr0lrPbxBoQvRNjmJrYJK1FCY4Wes3Z/G/z4c0HBn
2uUr5wFPSU0+vD1hmm5svjC/A7FP3nJSQDFx3vwieO6rBEpfTkQ8DNSJqgC13mxY
5MeYDhQCwv8E1I/NpLU56qosS28y4qvvtrP3xu15/4FuHG637uzV+OXzOWbWolws
7iGQOIwiF8rkIKnihtII5uGRAGzsNp9yQM/1pf5QYFvt1schgfiUNjQLFufDF3Kq
oqOZCGZX4UIHuPlTS+Gko4LUtszUiy2qh6c1nYku9vJ9/u65HL/YuwmyLdoIde8G
7eEZa2mBT2f6WDZaN1pqn4AvpMkSZ5k+Dq2n6Ckg1w9fM0Kf0/x3xSnYnXKqVumD
aJLFnv0vAKt31vvlW6z9
=eyo9
-----END PGP SIGNATURE-----

--------------enig6355CDD08A90696AF68E9FF1--


--===============1575834952464126845==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============1575834952464126845==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung