openSUSE Security Update : geary (openSUSE-SU-2014:1225-1)
Medium Nessus Plugin ID 77844
SynopsisThe remote openSUSE host is missing a security update.
Descriptiongeary was updated to version 0.6.3 (bnc#896679 VUL-0: CVE-2014-5444) :
Security issue fixed :
+ Warn user of not matching TLS certificate issues when connecting (bgo#713247, CVE-2014-5444).
+ Fix wrong timestamp in composed email Date: header (bgo#714376).
+ Patch major memory leak due to GMime bindings.
+ Stabilize search sorting to prevent dropped search results.
+ Prevent Inbox from being cleared on startup w/ Dovecot, Zimbra, and more.
SolutionUpdate the affected geary packages.