Oval Definition:oval:com.redhat.rhsa:def:20201080
Revision Date:2020-03-31Version:637
Title:RHSA-2020:1080: evolution security and bug fix update (Moderate)
Description:Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality.

The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was originally developed as a back end for the Evolution information management application, but is now used by various other applications.

Security Fix(es):

  • evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages (CVE-2018-15587)

  • evolution-ews: all certificate errors ignored if error is ignored during initial account setup in gnome-online-accounts (CVE-2019-3890)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2018-15587
    CVE-2019-3890
    RHSA-2020:1080
    Platform(s):Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • evolution-data-server is earlier than 0:3.28.5-4.el7
  • AND evolution-data-server is signed with Red Hat redhatrelease2 key
  • evolution-data-server-devel is earlier than 0:3.28.5-4.el7
  • AND evolution-data-server-devel is signed with Red Hat redhatrelease2 key
  • evolution-data-server-doc is earlier than 0:3.28.5-4.el7
  • AND evolution-data-server-doc is signed with Red Hat redhatrelease2 key
  • evolution-data-server-langpacks is earlier than 0:3.28.5-4.el7
  • AND evolution-data-server-langpacks is signed with Red Hat redhatrelease2 key
  • evolution-data-server-perl is earlier than 0:3.28.5-4.el7
  • AND evolution-data-server-perl is signed with Red Hat redhatrelease2 key
  • evolution-data-server-tests is earlier than 0:3.28.5-4.el7
  • AND evolution-data-server-tests is signed with Red Hat redhatrelease2 key
  • atk is earlier than 0:2.28.1-2.el7
  • AND atk is signed with Red Hat redhatrelease2 key
  • atk-devel is earlier than 0:2.28.1-2.el7
  • AND atk-devel is signed with Red Hat redhatrelease2 key
  • evolution is earlier than 0:3.28.5-8.el7
  • AND evolution is signed with Red Hat redhatrelease2 key
  • evolution-bogofilter is earlier than 0:3.28.5-8.el7
  • AND evolution-bogofilter is signed with Red Hat redhatrelease2 key
  • evolution-devel is earlier than 0:3.28.5-8.el7
  • AND evolution-devel is signed with Red Hat redhatrelease2 key
  • evolution-devel-docs is earlier than 0:3.28.5-8.el7
  • AND evolution-devel-docs is signed with Red Hat redhatrelease2 key
  • evolution-help is earlier than 0:3.28.5-8.el7
  • AND evolution-help is signed with Red Hat redhatrelease2 key
  • evolution-langpacks is earlier than 0:3.28.5-8.el7
  • AND evolution-langpacks is signed with Red Hat redhatrelease2 key
  • evolution-pst is earlier than 0:3.28.5-8.el7
  • AND evolution-pst is signed with Red Hat redhatrelease2 key
  • evolution-spamassassin is earlier than 0:3.28.5-8.el7
  • AND evolution-spamassassin is signed with Red Hat redhatrelease2 key
  • evolution-ews is earlier than 0:3.28.5-5.el7
  • AND evolution-ews is signed with Red Hat redhatrelease2 key
  • evolution-ews-langpacks is earlier than 0:3.28.5-5.el7
  • AND evolution-ews-langpacks is signed with Red Hat redhatrelease2 key
    • BACK