<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/34c907a0fb48667022f6b16fef327318a8f1ada8">34c907a0</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-04-24T18:53:58Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Do not track evolution-data-server under CVE-2018-15587

This was added back in f6f251cff4801a452acddc3256bbb77e8e4050b8 but the

CVe is specific to the OpenPGP signatures beeing spoofed.

Apparently Ubuntu does track the second issue, for email that is not

encyrpted to look as encrypted, and fixed in evolution-data-server still

under this CVE while other (correctly?) do not.

Cf.

https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15587.html

and other still as well relate to evolution-data-server, cf

https://bugzilla.redhat.com/show_bug.cgi?id=1677650#c2 .

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/34c907a0fb48667022f6b16fef327318a8f1ada8#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/34c907a0fb48667022f6b16fef327318a8f1ada8">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/commit/34c907a0fb48667022f6b16fef327318a8f1ada8"}}</script>

</p>

</div>

</body>

</html>