[USN-8055-1] Evolution Data Server vulnerability

noreply+usn-bot Mon, 23 Feb 2026 06:57:38 -0800

==========================================================================
Ubuntu Security Notice USN-8055-1
February 23, 2026


evolution-data-server vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Evolution Data Server could be made to remove files.

Software Description:
- evolution-data-server: Evolution suite data server

Details:

It was discovered that Evolution Data Server incorrectly handled removing
local cache files. An attacker could possibly use this issue to cause
Evolution Data Server to remove arbitrary files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  evolution-data-server           3.56.2-3ubuntu0.1
  evolution-data-server-common    3.56.2-3ubuntu0.1
  libcamel-1.2-64t64              3.56.2-3ubuntu0.1
  libebackend-1.2-11t64           3.56.2-3ubuntu0.1
  libebook-1.2-21t64              3.56.2-3ubuntu0.1
  libebook-contacts-1.2-4t64      3.56.2-3ubuntu0.1
  libecal-2.0-3                   3.56.2-3ubuntu0.1
  libedata-book-1.2-27t64         3.56.2-3ubuntu0.1
  libedata-cal-2.0-2t64           3.56.2-3ubuntu0.1
  libedataserver-1.2-27t64        3.56.2-3ubuntu0.1
  libedataserverui-1.2-4t64       3.56.2-3ubuntu0.1
  libedataserverui4-1.0-0t64      3.56.2-3ubuntu0.1

Ubuntu 24.04 LTS
  evolution-data-server           3.52.3-0ubuntu1.2
  evolution-data-server-common    3.52.3-0ubuntu1.2
  libcamel-1.2-64t64              3.52.3-0ubuntu1.2
  libebackend-1.2-11t64           3.52.3-0ubuntu1.2
  libebook-1.2-21t64              3.52.3-0ubuntu1.2
  libebook-contacts-1.2-4t64      3.52.3-0ubuntu1.2
  libecal-2.0-3                   3.52.3-0ubuntu1.2
  libedata-book-1.2-27t64         3.52.3-0ubuntu1.2
  libedata-cal-2.0-2t64           3.52.3-0ubuntu1.2
  libedataserver-1.2-27t64        3.52.3-0ubuntu1.2
  libedataserverui-1.2-4t64       3.52.3-0ubuntu1.2
  libedataserverui4-1.0-0t64      3.52.3-0ubuntu1.2

Ubuntu 22.04 LTS
  evolution-data-server           3.44.4-0ubuntu1.2
  evolution-data-server-common    3.44.4-0ubuntu1.2
  libcamel-1.2-63                 3.44.4-0ubuntu1.2
  libebackend-1.2-10              3.44.4-0ubuntu1.2
  libebook-1.2-20                 3.44.4-0ubuntu1.2
  libebook-contacts-1.2-3         3.44.4-0ubuntu1.2
  libecal-2.0-1                   3.44.4-0ubuntu1.2
  libedata-book-1.2-26            3.44.4-0ubuntu1.2
  libedata-cal-2.0-1              3.44.4-0ubuntu1.2
  libedataserver-1.2-26           3.44.4-0ubuntu1.2
  libedataserverui-1.2-3          3.44.4-0ubuntu1.2

After a standard system update you need to restart your session to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8055-1
  CVE-2026-2604

Package Information:
  https://launchpad.net/ubuntu/+source/evolution-data-server/3.56.2-3ubuntu0.1
  https://launchpad.net/ubuntu/+source/evolution-data-server/3.52.3-0ubuntu1.2
  https://launchpad.net/ubuntu/+source/evolution-data-server/3.44.4-0ubuntu1.2

signature.asc
Description: OpenPGP digital signature

[USN-8055-1] Evolution Data Server vulnerability

Reply via email to