Summary: | <mail-client/evolution-3.34.4-r1: Possible disclosure of local files by attachments (CVE-2020-11879) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | gnome |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.gnome.org/GNOME/evolution/issues/784 | ||
Whiteboard: | B4 [noglsa cve] | ||
Package list: |
mail-client/evolution-3.34.4-r1
|
Runtime testing required: | --- |
Description
Sam James
2020-04-17 18:05:30 UTC
@maintainer(s), if possible, apply the provided patch. Let us know if it is not feasible. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=38193445919ae80cf0e16c18bf96a254dc49117c commit 38193445919ae80cf0e16c18bf96a254dc49117c Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2020-04-17 18:20:52 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2020-04-17 18:21:09 +0000 mail-client/evolution: Fix CVE-2020-11879 Bug: https://bugs.gentoo.org/717932 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Mart Raudsepp <leio@gentoo.org> mail-client/evolution/evolution-3.34.4-r1.ebuild | 155 +++++++++++++++++++++ .../evolution/files/3.34.4-CVE-2020-11879.patch | 122 ++++++++++++++++ 2 files changed, 277 insertions(+) amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. |