Detections
Analytics
Debian DLA-1443-1 : evolution-data-server security update
high Nessus Plugin ID 111315
Language:
Synopsis
The remote Debian host is missing a security update.Description
It was discovered that there was a protocol implementation error in evolution-data-server where 'STARTTLS not supported' errors from IMAP servers were ignored leading to the use of insecure connections without the user's knowledge or consent.For Debian 8 'Jessie', this issue has been fixed in evolution-data-server version 3.12.9~git20141128.5242b0-2+deb8u4.
We recommend that you upgrade your evolution-data-server packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Upgrade the affected packages.See Also
https://lists.debian.org/debian-lts-announce/2018/07/msg00035.html
https://packages.debian.org/source/jessie/evolution-data-server
Plugin Details
Severity: High
ID: 111315
File Name: debian_DLA-1443.nasl
Version: 1.3
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 7/25/2018
Updated: 1/11/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Vulnerability Information
CPE: p-cpe:/a:debian:debian_linux:evolution-data-server, p-cpe:/a:debian:debian_linux:evolution-data-server-common, p-cpe:/a:debian:debian_linux:evolution-data-server-dbg, p-cpe:/a:debian:debian_linux:evolution-data-server-dev, p-cpe:/a:debian:debian_linux:evolution-data-server-doc, p-cpe:/a:debian:debian_linux:gir1.2-ebook-1.2, p-cpe:/a:debian:debian_linux:gir1.2-ebookcontacts-1.2, p-cpe:/a:debian:debian_linux:gir1.2-edataserver-1.2, p-cpe:/a:debian:debian_linux:libcamel-1.2-49, p-cpe:/a:debian:debian_linux:libcamel1.2-dev, p-cpe:/a:debian:debian_linux:libebackend-1.2-7, p-cpe:/a:debian:debian_linux:libebackend1.2-dev, p-cpe:/a:debian:debian_linux:libebook-1.2-14, p-cpe:/a:debian:debian_linux:libebook-contacts-1.2-0, p-cpe:/a:debian:debian_linux:libebook-contacts1.2-dev, p-cpe:/a:debian:debian_linux:libebook1.2-dev, p-cpe:/a:debian:debian_linux:libecal-1.2-16, p-cpe:/a:debian:debian_linux:libecal1.2-dev, p-cpe:/a:debian:debian_linux:libedata-book-1.2-20, p-cpe:/a:debian:debian_linux:libedata-book1.2-dev, p-cpe:/a:debian:debian_linux:libedata-cal-1.2-23, p-cpe:/a:debian:debian_linux:libedata-cal1.2-dev, p-cpe:/a:debian:debian_linux:libedataserver-1.2-18, p-cpe:/a:debian:debian_linux:libedataserver1.2-dev, cpe:/o:debian:debian_linux:8.0
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Patch Publication Date: 7/25/2018