desktop-packages team mailing list archive

[DavidS <david@xxxxxxxxxxxx>]

*** This bug is a security vulnerability ***

Public security bug reported:

It seems that Evolution 2.3.2 uses SSLv3 and is therefore subject to the
recently announced POODLE vulnerability.  (As a result I can no longer
access my IMAP server at fastmail.fm, because they have turned off the
SSLv3 fallback).

Evolution 2.3.2 is the latest version from the Ubuntu 12.04
repositories.  I use Ubuntu 12.04 on 4 computers, so all are affected by
this.

** Affects: evolution (Ubuntu)
     Importance: Undecided
         Status: New

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to evolution in Ubuntu.
https://bugs.launchpad.net/bugs/1382517

Title:
  SSL subject to POODLE vulnerability

Status in “evolution” package in Ubuntu:
  New

Bug description:
  It seems that Evolution 2.3.2 uses SSLv3 and is therefore subject to
  the recently announced POODLE vulnerability.  (As a result I can no
  longer access my IMAP server at fastmail.fm, because they have turned
  off the SSLv3 fallback).

  Evolution 2.3.2 is the latest version from the Ubuntu 12.04
  repositories.  I use Ubuntu 12.04 on 4 computers, so all are affected
  by this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/evolution/+bug/1382517/+subscriptions