Advisories ยป MGASA-2014-0500

Updated geary package fixes security vulnerability

Publication date: 29 Nov 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-5444

Description

Geary before 0.6.3 does not present the user with a warning when a TLS
certificate error is detected, which makes it easier for remote attackers to
conduct man-in-the-middle attacks via a crafted certificate (CVE-2014-5444).
                

References

SRPMS

4/core