It was discovered evolution-ews before 3.31.3 does not check the validity of
SSL certificates. An attacker could abuse this flaw to get confidential
information by tricking the user into connecting to a fake server without
the user noticing the difference.
This is probably a duplicate of bug 678070.