From 6eb2f8c0ae8eeca516f99aa77863af4f22dbed08 Mon Sep 17 00:00:00 2001
From: starlet-dx <15929766099@163.com>
Date: Fri, 22 Apr 2022 16:21:19 +0800
Subject: [PATCH] Fix CVE-2020-16117

(cherry picked from commit 022d2f04a1e262a5a12c145591fc8e525dd42cf9)
---
 CVE-2020-16117.patch | 28 ++++++++++++++++++++++++++++
 evolution-data-server.spec | 8 +++++++-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2020-16117.patch

diff --git a/CVE-2020-16117.patch b/CVE-2020-16117.patch
new file mode 100644
index 0000000..b2c0622
--- /dev/null
+++ b/CVE-2020-16117.patch
@@ -0,0 +1,28 @@
+From 2cc39592b532cf0dc994fd3694b8e6bf924c9ab5 Mon Sep 17 00:00:00 2001
+From: Milan Crha
+Date: Mon, 10 Feb 2020 10:00:32 +0100
+Subject: [PATCH] I#189 - Crash on malformed server response with minimal
+ capabilities
+
+Closes https://gitlab.gnome.org/GNOME/evolution-data-server/issues/189
+---
+ src/camel/providers/imapx/camel-imapx-server.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/camel/providers/imapx/camel-imapx-server.c b/src/camel/providers/imapx/camel-imapx-server.c
+index 3c38fb1e9..3883321ec 100644
+--- a/src/camel/providers/imapx/camel-imapx-server.c
++++ b/src/camel/providers/imapx/camel-imapx-server.c
+@@ -3045,7 +3045,8 @@ connected:
+ 
+ /* See if we got new capabilities
+ * in the STARTTLS response. */
+- imapx_free_capability (is->priv->cinfo);
++ if (is->priv->cinfo)
++ imapx_free_capability (is->priv->cinfo);
+ is->priv->cinfo = NULL;
+ if (ic->status->condition == IMAPX_CAPABILITY) {
+ is->priv->cinfo = ic->status->u.cinfo;
+-- 
+GitLab
+
diff --git a/evolution-data-server.spec b/evolution-data-server.spec
index 66d0d1c..91545a2 100644
--- a/evolution-data-server.spec
+++ b/evolution-data-server.spec
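Review bot: The NULL guard in the embedded patch protects only this one call in the STARTTLS path under `connected:`; `imapx_free_capability()` itself is unchanged, so any other caller that can reach it with a NULL `cinfo` after a malformed server response would presumably still crash. Those call sites and the function body lie outside this hunk, so it is worth checking them in the 3.30.1 tree this backport targets. A more robust shape would be an early `if (cinfo == NULL) return;` at the top of `imapx_free_capability()`, which covers every caller at once. If the call-site guard is kept, a short comment such as `/* cinfo can be NULL when the server sent no capabilities before STARTTLS */` would record why it is needed.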
@@ -2,12 +2,15 @@
 
 Name: evolution-data-server
 Version: 3.30.1
-Release: 3
+Release: 4
 Summary: Backend data server for Evolution
 License: LGPLv2+
 URL: https://wiki.gnome.org/Apps/Evolution
 Source: http://download.gnome.org/sources/%{name}/3.30/%{name}-%{version}.tar.xz
 
+#https://gitlab.gnome.org/GNOME/evolution-data-server/-/commit/2cc39592b532cf0dc994fd3694b8e6bf924c9ab5.patch
+Patch0: CVE-2020-16117.patch
+
 Provides: evolution-webcal = %{version}
 Obsoletes: evolution-webcal < 2.24.0 compat-evolution-data-server310-libcamel < 3.12
 
@@ -162,6 +165,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &>/dev/null || :
 %{_libexecdir}/evolution-data-server/csv2vcard
 
 %changelog
+* Fri Apr 22 2022 yaoxin - 3.30.1-4
+- Fix CVE-2020-16117
+
 * Tue Dec 24 2019 openEuler Buildteam - 3.30.1-3
 - delete redundant files
 
-- 
Gitee
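Review bot: `Patch0: CVE-2020-16117.patch` is declared in the first hunk, but neither hunk shows it being applied; the `%prep` section is outside the diff. If `%prep` uses plain `%setup` rather than `%autosetup -p1`, it needs a `%patch0 -p1` line, otherwise the package builds without the fix while the changelog records CVE-2020-16117 as resolved. Running `rpmbuild -bp` and checking that the `if (is->priv->cinfo)` guard is present in the unpacked `camel-imapx-server.c` would confirm the patch lands on 3.30.1.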