Sylvain Beucler · Sylvain Beucler · e14fbbea · e14fbbea · e14fbbea
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17166,6 +17166,7 @@ CVE-2019-3890
 	- evolution-ews <unfixed>
 	NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/issues/36
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1678313
+	NOTE: depends on evolution-data-server patch (unrelated to CVE-2018-15587)
 CVE-2019-3889
 	RESERVED
 CVE-2019-3888
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -23,6 +23,8 @@ evolution
 --
 evolution-data-server
 --
+evolution-ews
+--
 faad2 (Hugo Lefeuvre)
  NOTE: 20190407: CVE-2018-20362: wrote a patch, currently testing it. This might fix many other
  NOTE: issues at the same time. This is a complex issue which requires a lot of digging in

--- a/packages/clamav
+++ b/packages/clamav
@@ -5,6 +5,7 @@ signatures.
 The security team updates clamav via {old,}stable-updates.

 https://lists.debian.org/debian-lts/2018/03/msg00033.html
+https://lists.debian.org/debian-lts/2019/03/msg00161.html

 LTS updates need to wait until a respective SUA has been issued to avoid
 breaking upgrades.