USN-4429-1: Evolution Data Server vulnerability

22 July 2020

Evolution Data Server could be made to expose sensitive information over the network.

Releases

Packages

  • evolution-data-server - Evolution suite data server

Details

It was discovered that Evolution Data Server incorrectly handled STARTTLS
when using SMTP and POP3. A remote attacker could possibly use this issue
to perform a response injection attack.

References