-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : evolution Version : 3.12.9~git20141130.241663-1+deb8u1 CVE ID : CVE-2018-15587 Debian Bug : 924616
Hanno Böck discovered that GNOME Evolution is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted HTML email. This issue was mitigated by moving the security bar with encryption and signature information above the message headers. For Debian 8 "Jessie", this problem has been fixed in version 3.12.9~git20141130.241663-1+deb8u1. We recommend that you upgrade your evolution packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -- Jonas Meurer -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEELIzSg9Pv30M4kOeDUmLn/0kQSf4FAlzDc9gACgkQUmLn/0kQ Sf4iIQ//Zw2B4SDffgH29PdmnGRxFrwkiHYicVL2+8tAekfMTdXzIYAVzKgocD4+ Z37+u3PEhmww+eMEgouhKjBgMU9ikEzpW7j+3VM3qLvOOJYrk8rgIZ1N0GZrmFbt TbMHdkIRSo1W7lkfXaGIIaThaV4UlVQdo4GquXlbgxslUp4Ak2GSF94lMu6Clog7 st8/teDGtMwiFjoRwNP1ZAkx5wvDSNeOpiz4iw3Qooh1ufpVeA7j5L3mouNXhrdt KHn0nZFHzynEOcqAmVL7vmEcfvYC439ku5buhqSw5fHKAOqkUcZ8As2TWGeH5WE6 SHZTHndzZZWXcn5FILqg19Zc3XE3VsWP43fesSngW6uleo8Do9PzAanSjasZm6J7 UHVRbhOVHBgXLZfwO6kcSSyl6kvW7GEuw1qzitZ0AqQ4ptu3GKZq53s6MUFIZ8WF JZqcVT532/5gbxFlWPdqWMOCTyFNZEIk75fGIWP8OzBAgDDIVEKpPWmjybXmg0nM hZAH4mRdwa8tSSmAW7ttVUdfW0LweNpMtb39RxqVgTLaAIVPQF9c2CIIJvgQW7wk +S9k+irWJovGV+oOk+iF/3K9bVsHPBJ75gKhinBb0a80U8gLHltGFlSPCsS7p+pd omk/rzFSiR1hnNIIKwqCGbWwjtZ6N3/Uu1TzoXMboZ2H5YOf3s8= =/LNe -----END PGP SIGNATURE-----
