Fedora Linux 8773 Published by

A geary security update has been released for Fedora 32.



SECURITY: Fedora 32 Update: geary-3.36.3.1-1.fc32


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-d445fb484a
2020-09-03 16:38:32.949710
--------------------------------------------------------------------------------

Name : geary
Product : Fedora 32
Version : 3.36.3.1
Release : 1.fc32
URL :   https://wiki.gnome.org/Apps/Geary
Summary : A lightweight email program designed around conversations
Description :
Geary is a new email reader for GNOME designed to let you read your
email quickly and effortlessly. Its interface is based on
conversations, so you can easily read an entire discussion without
having to click from message to message. Geary is still in early
development and has limited features today, but we're planning to add
drag-and-drop attachments, lightning-fast searching, multiple account
support and much more. Eventually we'd like Geary to have an
extensible plugin architecture so that developers will be able to add
all kinds of nifty features in a modular way.

--------------------------------------------------------------------------------
Update Information:

geary 3.36.3.1 release: * Fixed handling of pinned, invalid TLS certificates:
CVE-2020-24661 * Build bug fixes
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 27 2020 Kalev Lember - 3.36.3.1-1
- Update to 3.36.3.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1872968 - CVE-2020-24661 geary: mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates
  https://bugzilla.redhat.com/show_bug.cgi?id=1872968
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-d445fb484a' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys