On Tue, 9 Apr 2019 15:52:52 +0200 Sylvain Beucler < [email protected] > wrote: > Package: evolution-ews > Version: 3.30.5-1 > X-Debbugs-CC: [email protected]
> Severity: grave > Tags: security > > Hi, > > The following vulnerability was published for evolution-ews. > > CVE-2019-3890[0]: > No description was found (try on a search engine) > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2019-3890 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3890 > https://gitlab.gnome.org/GNOME/evolution-ews/issues/27 > https://gitlab.gnome.org/GNOME/evolution-ews/issues/36 > https://bugzilla.redhat.com/show_bug.cgi?id=1678313 > Note: depends on evolution-data-server patch > > Cheers! > Sylvain Beucler / Debian LTS Dear Maintainers, I have backported the required patches and tested them on Buster, they seem to work fine. I have opened PRs against the 2 repos on Salsa, but they both require a new debian/buster branch to be created as debian/master has moved on to new releases: https://salsa.debian.org/gnome-team/evolution-data-server/merge_requests/1 https://salsa.debian.org/gnome-team/evolution-ews/merge_requests/2 It would be great if we could have evolution-ews in Buster, as it's the only way to use exchange/o365 for Debian users. Thanks! -- Kind regards, Luca Boccassi
signature.asc
Description: This is a digitally signed message part
