Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:1752

Опубликовано: 18 мая 2021
Источник: rocky
Оценка: Low

Описание

Low: evolution security, bug fix, and enhancement update

Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality.

The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications.

Security Fix(es):

  • evolution-data-server: NULL pointer dereference related to imapx_free_capability and imapx_connect_to_server (CVE-2020-16117)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
evolutionx86_6416.el8evolution-3.28.5-16.el8.x86_64.rpm
evolution-bogofilterx86_6416.el8evolution-bogofilter-3.28.5-16.el8.x86_64.rpm
evolution-data-serveri68615.el8evolution-data-server-3.28.5-15.el8.i686.rpm
evolution-data-serverx86_6415.el8evolution-data-server-3.28.5-15.el8.x86_64.rpm
evolution-data-server-develi68615.el8evolution-data-server-devel-3.28.5-15.el8.i686.rpm
evolution-data-server-develx86_6415.el8evolution-data-server-devel-3.28.5-15.el8.x86_64.rpm
evolution-data-server-langpacksnoarch15.el8evolution-data-server-langpacks-3.28.5-15.el8.noarch.rpm
evolution-data-server-langpacksnoarch15.el8evolution-data-server-langpacks-3.28.5-15.el8.noarch.rpm
evolution-ewsx86_6410.el8evolution-ews-3.28.5-10.el8.x86_64.rpm
evolution-ews-langpacksnoarch10.el8evolution-ews-langpacks-3.28.5-10.el8.noarch.rpm

Показывать по

Связанные CVE

CVE-2020-16117

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2020-16117

CVSS3: 5.9
ubuntu
больше 5 лет назад

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server.

redhat логотип

CVE-2020-16117

CVSS3: 5.9
redhat
больше 5 лет назад

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server.

nvd логотип

CVE-2020-16117

CVSS3: 5.9
nvd
больше 5 лет назад

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server.

debian логотип

CVE-2020-16117

CVSS3: 5.9
debian
больше 5 лет назад

In GNOME evolution-data-server before 3.35.91, a malicious server can ...

github логотип

GHSA-j89v-2w65-5qmq

github
больше 3 лет назад

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server.