Senden an falschen Empfänger in Evolution
ID: | USN-1922-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 |
Datum: | Do, 1. August 2013, 08:00 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4166 |
Applikationen: | Evolution |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============1575834952464126845== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig6355CDD08A90696AF68E9FF1" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig6355CDD08A90696AF68E9FF1 Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-1922-1 July 31, 2013 evolution-data-server vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 13.04 - Ubuntu 12.10 - Ubuntu 12.04 LTS Summary: Evolution would sometimes encrypt email to the wrong recipient. Software Description: - evolution-data-server: Evolution suite data server Details: Yves-Alexis Perez discovered that Evolution Data Server did not properly select GPG recipients. Under certain circumstances, this could result in Evolution encrypting email to an unintended recipient. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 13.04: libcamel-1.2-40 3.6.4-0ubuntu1.1 Ubuntu 12.10: libcamel-1.2-40 3.6.2-0ubuntu0.2 Ubuntu 12.04 LTS: libcamel-1.2-29 3.2.3-0ubuntu7.1 After a standard system update you need to restart Evolution to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1922-1 CVE-2013-4166 Package Information: https://launchpad.net/ubuntu/+source/evolution-data-server/3.6.4-0ubuntu1.1 https://launchpad.net/ubuntu/+source/evolution-data-server/3.6.2-0ubuntu0.2 https://launchpad.net/ubuntu/+source/evolution-data-server/3.2.3-0ubuntu7.1 --------------enig6355CDD08A90696AF68E9FF1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCgAGBQJR+aBBAAoJEFHb3FjMVZVzUSQP/09Nr4vEHydV/7bq8ae8P4mE RazTCvUDdULKvLZ2tIy2KSkeg8DVVIAP6D7gyZBFzDSK1nCneJpMsly1ixp6Om3V qOC4WAfBiHa0ns7mlfeL1xT5D8hYnFIqVc5R9rN9igNWIXBJ7F2wqOaKRloeoTLa F+t6v7w1NTKn39QMSHuMyBCeOrMafM7f0RLiRNr7PbQmx3C/sPS93rrIyhZiEL22 5SspeYguZexRYPqVkfkM7Sb+OzThdotU8dx+2GxkMIUXP85pQHka6ZUg5/q/6gkh xodcN+Dzox5tX2w+YCrbk1zkr0lrPbxBoQvRNjmJrYJK1FCY4Wes3Z/G/z4c0HBn 2uUr5wFPSU0+vD1hmm5svjC/A7FP3nJSQDFx3vwieO6rBEpfTkQ8DNSJqgC13mxY 5MeYDhQCwv8E1I/NpLU56qosS28y4qvvtrP3xu15/4FuHG637uzV+OXzOWbWolws 7iGQOIwiF8rkIKnihtII5uGRAGzsNp9yQM/1pf5QYFvt1schgfiUNjQLFufDF3Kq oqOZCGZX4UIHuPlTS+Gko4LUtszUiy2qh6c1nYku9vJ9/u65HL/YuwmyLdoIde8G 7eEZa2mBT2f6WDZaN1pqn4AvpMkSZ5k+Dq2n6Ckg1w9fM0Kf0/x3xSnYnXKqVumD aJLFnv0vAKt31vvlW6z9 =eyo9 -----END PGP SIGNATURE----- --------------enig6355CDD08A90696AF68E9FF1-- --===============1575834952464126845== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --===============1575834952464126845==-- |