touch-packages team mailing list archive

Thread
Date

[Bug 1382517] [NEW] SSL subject to POODLE vulnerability

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1382517@xxxxxxxxxxxxxxxxxx>
Date: Fri, 17 Oct 2014 11:32:02 -0000
Reply-to: Bug 1382517 <1382517@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a security vulnerability ***

You have been subscribed to a public security bug:

It seems that Evolution 2.3.2 uses SSLv3 and is therefore subject to the
recently announced POODLE vulnerability.  (As a result I can no longer
access my IMAP server at fastmail.fm, because they have turned off the
SSLv3 fallback).

Evolution 2.3.2 is the latest version from the Ubuntu 12.04
repositories.  I use Ubuntu 12.04 on 4 computers, so all are affected by
this.

** Affects: evolution-data-server (Ubuntu)
     Importance: Undecided
         Status: New

-- 
SSL subject to POODLE vulnerability
https://bugs.launchpad.net/bugs/1382517
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to evolution-data-server in Ubuntu.