touch-packages team mailing list archive

Thread
Date

[Bug 1382517] Re: SSL subject to POODLE vulnerability

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Iain Lane <iain@xxxxxxxxxxxxxxxxxxx>
Date: Fri, 17 Oct 2014 11:32:00 -0000
Reply-to: Bug 1382517 <1382517@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a duplicate of bug 1382133 ***
    https://bugs.launchpad.net/bugs/1382133

** Package changed: evolution (Ubuntu) => evolution-data-server (Ubuntu)

** This bug has been marked a duplicate of bug 1382133
   Issue with servers with SSLv3 disabled due to Poodle

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to evolution-data-server in
Ubuntu.
https://bugs.launchpad.net/bugs/1382517

Title:
  SSL subject to POODLE vulnerability

Status in “evolution-data-server” package in Ubuntu:
  New

Bug description:
  It seems that Evolution 2.3.2 uses SSLv3 and is therefore subject to
  the recently announced POODLE vulnerability.  (As a result I can no
  longer access my IMAP server at fastmail.fm, because they have turned
  off the SSLv3 fallback).

  Evolution 2.3.2 is the latest version from the Ubuntu 12.04
  repositories.  I use Ubuntu 12.04 on 4 computers, so all are affected
  by this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/evolution-data-server/+bug/1382517/+subscriptions