[Git][security-tracker-team/security-tracker][master] Update notes for CVE-2018-15587 in data/CVE/list
Jonas Meurer
gitlab at salsa.debian.org
Wed Apr 24 15:04:11 BST 2019
Jonas Meurer pushed to branch master at Debian Security Tracker / security-tracker
Commits:
32e93f1d by Jonas Meurer at 2019-04-24T14:03:50Z
Update notes for CVE-2018-15587 in data/CVE/list
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -40554,6 +40554,8 @@ CVE-2018-15587 (GNOME Evolution through 3.28.2 is prone to OpenPGP signatures be
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/93306a296c64b48d12c356804f131048643eaa0a (evolution-data-server)
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/accb0e2415681565e4dac00cf1c4303c313ad29e (evolution-data-server)
NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/5cd59aee67450e8750eb3cb2d357d0947f199f61 (evolution-data-server)
+ NOTE: The CVE is about signature spoofing and only affects evolution (issue #120)
+ NOTE: The other issues (encryption spoofing) are unrelated and have low(er) severity.
CVE-2018-15586 (Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed ...)
- enigmail 2:2.0.6.1-2
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/32e93f1d6689641dc90e8d21b7bff72aff22f46a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/32e93f1d6689641dc90e8d21b7bff72aff22f46a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190424/d7f43f11/attachment.html>
More information about the debian-security-tracker-commits
mailing list