Paketname
evolution
Datum
2005-01-27
Advisory ID
MDKSA-2005:024
Betroffene Versionen
10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , 10.1 x86_64

Problembeschreibung

Max Vozeler discovered an integer overflow in the camel-lock-helper application. This application is installed setgid mail by default. A local attacker could exploit this to execute malicious code with the privileges of the "mail" group; likewise a remote attacker could setup a malicious POP server to execute arbitrary code when an Evolution user connects to it. The updated packages have been patched to prevent this problem.

Aktualisierte Pakete

10.0 amd64

 2cbb561ccbd6a2a30c4830e4bdae4c17  amd64/10.0/RPMS/evolution-1.4.6-5.1.100mdk.amd64.rpm
35673a1c5f7c595930def4776bfeba12  amd64/10.0/RPMS/evolution-devel-1.4.6-5.1.100mdk.amd64.rpm
091ef5247fce276a0c8fffd3efd2d967  amd64/10.0/RPMS/evolution-pilot-1.4.6-5.1.100mdk.amd64.rpm
cc0058793a3353fd9d420da898e42213  amd64/10.0/SRPMS/evolution-1.4.6-5.1.100mdk.src.rpm

10.1 i586

 0b3320cd8f1209071dbb38de3f5f4c62  10.1/RPMS/evolution-2.0.3-1.2.101mdk.i586.rpm
d7cf293651f49ef222da230f4ad3cb2d  10.1/RPMS/evolution-devel-2.0.3-1.2.101mdk.i586.rpm
89f0d1b662517cb0756eec458cd6c234  10.1/RPMS/evolution-pilot-2.0.3-1.2.101mdk.i586.rpm
ee51751a3cabf18e53bd1e3092da3223  10.1/SRPMS/evolution-2.0.3-1.2.101mdk.src.rpm

10.0 i586

 3397788a5d8a84d8fd1294225bdfa546  10.0/RPMS/evolution-1.4.6-5.1.100mdk.i586.rpm
0e2280ac393ca059ae4d19b3db8289ee  10.0/RPMS/evolution-devel-1.4.6-5.1.100mdk.i586.rpm
6d1f2aa61768f1cebeeb5454abbc4a67  10.0/RPMS/evolution-pilot-1.4.6-5.1.100mdk.i586.rpm
cc0058793a3353fd9d420da898e42213  10.0/SRPMS/evolution-1.4.6-5.1.100mdk.src.rpm

CS3.0 x86_64

 194f59a32369684d6642067924937dcd  x86_64/corporate/3.0/RPMS/evolution-1.4.6-5.1.C30mdk.x86_64.rpm
79de9373078067bc09779afb01b2a2f1  x86_64/corporate/3.0/RPMS/evolution-devel-1.4.6-5.1.C30mdk.x86_64.rpm
a050fc93565161d237e141feb014c9f1  x86_64/corporate/3.0/RPMS/evolution-pilot-1.4.6-5.1.C30mdk.x86_64.rpm
854f366f4a1c868e905888a46d06603a  x86_64/corporate/3.0/SRPMS/evolution-1.4.6-5.1.C30mdk.src.rpm

CS3.0 i586

 6a8867e05261d45f89ff09e9cb05ff31  corporate/3.0/RPMS/evolution-1.4.6-5.1.C30mdk.i586.rpm
a9a7a5c41a121178a2fffbff6a8764a3  corporate/3.0/RPMS/evolution-devel-1.4.6-5.1.C30mdk.i586.rpm
4d6f9b339eb9cc545e9b562d8223fca8  corporate/3.0/RPMS/evolution-pilot-1.4.6-5.1.C30mdk.i586.rpm
854f366f4a1c868e905888a46d06603a  corporate/3.0/SRPMS/evolution-1.4.6-5.1.C30mdk.src.rpm

10.1 x86_64

 984eae27bc6fbebcf32002ba61b17670  x86_64/10.1/RPMS/evolution-2.0.3-1.2.101mdk.x86_64.rpm
8bc7680f0095b4153a882716f8485daf  x86_64/10.1/RPMS/evolution-devel-2.0.3-1.2.101mdk.x86_64.rpm
3db68c56395c13a3fe458645bb1c9975  x86_64/10.1/RPMS/evolution-pilot-2.0.3-1.2.101mdk.x86_64.rpm
ee51751a3cabf18e53bd1e3092da3223  x86_64/10.1/SRPMS/evolution-2.0.3-1.2.101mdk.src.rpm

Referenzen