Launchpad.net

CVE 2014-5444

Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate.

See the CVE page on Mitre.org for more details.