CVE-2019-3890 (https://nvd.nist.gov/vuln/detail/CVE-2019-3890): It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference.
This is probably a duplicate of bug 678070.
This is still a duplicate of bug 678070, which has been long handled, voted noglsa and closed.
(In reply to Mart Raudsepp from comment #2) > This is still a duplicate of bug 678070, which has been long handled, voted > noglsa and closed. Thanks. *** This bug has been marked as a duplicate of bug 678070 ***