1 ignored security issue in stretch

package:
evolution-ews
severity:
low
created:
2019-04-04
last updated:
2019-08-10

There is 1 open security issue in stretch.
1 issue skipped by the security teams:
  • CVE-2019-3890: It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference.
Please fix it.