-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-d445fb484a 2020-09-03 16:38:32.949710 --------------------------------------------------------------------------------
Name : geary Product : Fedora 32 Version : 3.36.3.1 Release : 1.fc32 URL : https://wiki.gnome.org/Apps/Geary Summary : A lightweight email program designed around conversations Description : Geary is a new email reader for GNOME designed to let you read your email quickly and effortlessly. Its interface is based on conversations, so you can easily read an entire discussion without having to click from message to message. Geary is still in early development and has limited features today, but we're planning to add drag-and-drop attachments, lightning-fast searching, multiple account support and much more. Eventually we'd like Geary to have an extensible plugin architecture so that developers will be able to add all kinds of nifty features in a modular way.
-------------------------------------------------------------------------------- Update Information:
geary 3.36.3.1 release: * Fixed handling of pinned, invalid TLS certificates: CVE-2020-24661 * Build bug fixes -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 27 2020 Kalev Lember klember@redhat.com - 3.36.3.1-1 - Update to 3.36.3.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1872968 - CVE-2020-24661 geary: mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates https://bugzilla.redhat.com/show_bug.cgi?id=1872968 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-d445fb484a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------