Paketname
evolution-data-server
Datum
2009-03-23
Advisory ID
MDVSA-2009:078
Betroffene Versionen
2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , 2008.0 x86_64 , 2008.1 x86_64 , 2008.1 i586

Problembeschreibung

A wrong handling of signed Secure/Multipurpose Internet Mail Extensions
(S/MIME) e-mail messages enables attackers to spoof its signatures
by modifying the latter copy (CVE-2009-0547).

Crafted authentication challange packets (NT Lan Manager type 2) sent
by a malicious remote mail server enables remote attackers either
to cause denial of service and to read information from the process
memory of the client (CVE-2009-0582).

Multiple integer overflows in Base64 encoding functions enables
attackers either to cause denial of service and to execute arbitrary
code (CVE-2009-0587).

This update provides fixes for those vulnerabilities.

Update:

evolution-data-server packages from Mandriva Linux distributions
2008.1 and 2009.0 are not affected by CVE-2009-0587.

Aktualisierte Pakete

2009.0 x86_64

 5ea4be495d706643ea838b66854e28f5  2009.0/x86_64/evolution-data-server-2.24.2-2.2mdv2009.0.x86_64.rpm
 1398c10b38aabb1100b4dad6dd2b1086  2009.0/x86_64/lib64camel14-2.24.2-2.2mdv2009.0.x86_64.rpm
 6ba652147caa5dab986a5b763e346b4d  2009.0/x86_64/lib64ebackend0-2.24.2-2.2mdv2009.0.x86_64.rpm
 bb6feb90ceb9b982ba99f374ecbcb2d2  2009.0/x86_64/lib64ebook9-2.24.2-2.2mdv2009.0.x86_64.rpm
 0950c2b31de5c9ceb118912b6cd3faf0  2009.0/x86_64/lib64ecal7-2.24.2-2.2mdv2009.0.x86_64.rpm
 cd2681c502d794e8a2c408582e24537c  2009.0/x86_64/lib64edata-book2-2.24.2-2.2mdv2009.0.x86_64.rpm
 9a4993b5402eb99b9687a648279bd3d0  2009.0/x86_64/lib64edata-cal6-2.24.2-2.2mdv2009.0.x86_64.rpm
 3ecbd64eb57e83aeb58992d231c5ac87  2009.0/x86_64/lib64edataserver11-2.24.2-2.2mdv2009.0.x86_64.rpm
 d43c94570e8ad660ac2e62ee8760ea5b  2009.0/x86_64/lib64edataserver-devel-2.24.2-2.2mdv2009.0.x86_64.rpm
 5d2a86d37af602f2ceaadf2c526d5261  2009.0/x86_64/lib64edataserverui8-2.24.2-2.2mdv2009.0.x86_64.rpm
 dd3a5396088eac43c0044cb454baebc2  2009.0/x86_64/lib64egroupwise13-2.24.2-2.2mdv2009.0.x86_64.rpm
 77f85ad7cb6a82fdc1bb602649d43775  2009.0/x86_64/lib64exchange-storage3-2.24.2-2.2mdv2009.0.x86_64.rpm
 a341e5e2b653488c9853a20e037edcf8  2009.0/x86_64/lib64gdata1-2.24.2-2.2mdv2009.0.x86_64.rpm 
 ffce99dbbd074a3a744f2470ee6bfe5b  2009.0/SRPMS/evolution-data-server-2.24.2-2.2mdv2009.0.src.rpm

2008.0 i586

 6bd3e60d16d5aa9a9344b92fd07ce22a  2008.0/i586/evolution-data-server-1.12.2-1.2mdv2008.0.i586.rpm
 292256ba96c4ac43e910c1fc9e4d8fbe  2008.0/i586/libcamel10-1.12.2-1.2mdv2008.0.i586.rpm
 8f8334411c8485e14582df3e73c4a242  2008.0/i586/libcamel-provider10-1.12.2-1.2mdv2008.0.i586.rpm
 554f16120b2c910306091ebc4f027c8e  2008.0/i586/libebook9-1.12.2-1.2mdv2008.0.i586.rpm
 d12b3caff29d424332eed92da50b014e  2008.0/i586/libecal7-1.12.2-1.2mdv2008.0.i586.rpm
 d2305fd2775aef20aa09822a18b23e20  2008.0/i586/libedata-book2-1.12.2-1.2mdv2008.0.i586.rpm
 1ff922bf3b96e349e88b8a5098577fd3  2008.0/i586/libedata-cal6-1.12.2-1.2mdv2008.0.i586.rpm
 7ad077472c308ba0a1eab267cf5f41d9  2008.0/i586/libedataserver9-1.12.2-1.2mdv2008.0.i586.rpm
 a1e5f6341427c8252ae2f5bb53abb864  2008.0/i586/libedataserver-devel-1.12.2-1.2mdv2008.0.i586.rpm
 f98aab2c87187723a91d63851dc7307b  2008.0/i586/libedataserverui8-1.12.2-1.2mdv2008.0.i586.rpm
 ad342077949f641b46f3d31336884565  2008.0/i586/libegroupwise13-1.12.2-1.2mdv2008.0.i586.rpm
 1ea20abb0c00d4139c042db7562ad33e  2008.0/i586/libexchange-storage3-1.12.2-1.2mdv2008.0.i586.rpm 
 8f2762c4677d1dcec526d28634b1cdc8  2008.0/SRPMS/evolution-data-server-1.12.2-1.2mdv2008.0.src.rpm

2009.0 i586

 59ef53fa7d268e81f404ddc538c9ac26  2009.0/i586/evolution-data-server-2.24.2-2.2mdv2009.0.i586.rpm
 3d84382377d27dad8d406d1d8a7d5eb2  2009.0/i586/libcamel14-2.24.2-2.2mdv2009.0.i586.rpm
 c27b63a7c1a85ca33615f70055cadf71  2009.0/i586/libebackend0-2.24.2-2.2mdv2009.0.i586.rpm
 455a545fac4d7bec31b844ddebb57e0a  2009.0/i586/libebook9-2.24.2-2.2mdv2009.0.i586.rpm
 1c4907ff88489011e8ab31c7394cdbef  2009.0/i586/libecal7-2.24.2-2.2mdv2009.0.i586.rpm
 d9984628bc49bfbebabc84ec1953d33c  2009.0/i586/libedata-book2-2.24.2-2.2mdv2009.0.i586.rpm
 fe22354397f7bf8d7957b4b13607e539  2009.0/i586/libedata-cal6-2.24.2-2.2mdv2009.0.i586.rpm
 3f005b703bde0898ee545e5a0bbfc8e6  2009.0/i586/libedataserver11-2.24.2-2.2mdv2009.0.i586.rpm
 7ebda4f39cf70f8a1729079b13b21ac0  2009.0/i586/libedataserver-devel-2.24.2-2.2mdv2009.0.i586.rpm
 aa13c35974f81f495e7ae6f4699750c7  2009.0/i586/libedataserverui8-2.24.2-2.2mdv2009.0.i586.rpm
 c9f7f0d15f501431ae541592eb142705  2009.0/i586/libegroupwise13-2.24.2-2.2mdv2009.0.i586.rpm
 02b8b6603c16920b11cb2aa26b4c8b6a  2009.0/i586/libexchange-storage3-2.24.2-2.2mdv2009.0.i586.rpm
 d6724a2358dd27ef05b2a40678be46f7  2009.0/i586/libgdata1-2.24.2-2.2mdv2009.0.i586.rpm 
 ffce99dbbd074a3a744f2470ee6bfe5b  2009.0/SRPMS/evolution-data-server-2.24.2-2.2mdv2009.0.src.rpm

2008.0 x86_64

 a89eb6ee96b0885eaec6a3d0fcd402c4  2008.0/x86_64/evolution-data-server-1.12.2-1.2mdv2008.0.x86_64.rpm
 5513ceadc9a7d771dd4bb631c5b1ac57  2008.0/x86_64/lib64camel10-1.12.2-1.2mdv2008.0.x86_64.rpm
 41120c43bb29316bfb0d2dc80beaafcc  2008.0/x86_64/lib64camel-provider10-1.12.2-1.2mdv2008.0.x86_64.rpm
 00d51e294ef4eb3edf7b489344bef709  2008.0/x86_64/lib64ebook9-1.12.2-1.2mdv2008.0.x86_64.rpm
 b314b6a23b6391e9e16717901ef116c2  2008.0/x86_64/lib64ecal7-1.12.2-1.2mdv2008.0.x86_64.rpm
 564990bbcd635511e24526eadd7b6282  2008.0/x86_64/lib64edata-book2-1.12.2-1.2mdv2008.0.x86_64.rpm
 74b630513512849237d91c8b5fd4cf3d  2008.0/x86_64/lib64edata-cal6-1.12.2-1.2mdv2008.0.x86_64.rpm
 cc2e43cfd37817b53693b33f53380df0  2008.0/x86_64/lib64edataserver9-1.12.2-1.2mdv2008.0.x86_64.rpm
 fcaa0d13f171907d85152c88c49baf75  2008.0/x86_64/lib64edataserver-devel-1.12.2-1.2mdv2008.0.x86_64.rpm
 e1e8a7e5cae46fb8ecc071f44b1e5357  2008.0/x86_64/lib64edataserverui8-1.12.2-1.2mdv2008.0.x86_64.rpm
 f2e8758d708c296f9768ac45b7a6997f  2008.0/x86_64/lib64egroupwise13-1.12.2-1.2mdv2008.0.x86_64.rpm
 e86333bb9e1ff53c17d24614c01f8d06  2008.0/x86_64/lib64exchange-storage3-1.12.2-1.2mdv2008.0.x86_64.rpm 
 8f2762c4677d1dcec526d28634b1cdc8  2008.0/SRPMS/evolution-data-server-1.12.2-1.2mdv2008.0.src.rpm

2008.1 x86_64

 670373514981fcfd42704ff50bd981fa  2008.1/x86_64/evolution-data-server-2.22.3-1.2mdv2008.1.x86_64.rpm
 e2560387c8b8934baf25b4b2b2de9e74  2008.1/x86_64/lib64camel11-2.22.3-1.2mdv2008.1.x86_64.rpm
 fe118c0ea5cfe68d7097e620f57b1279  2008.1/x86_64/lib64camel-provider11-2.22.3-1.2mdv2008.1.x86_64.rpm
 78585bbd328376b22f0c766a569647e7  2008.1/x86_64/lib64ebook9-2.22.3-1.2mdv2008.1.x86_64.rpm
 f45dee9d1bd98f426a0cf284a01c9397  2008.1/x86_64/lib64ecal7-2.22.3-1.2mdv2008.1.x86_64.rpm
 fcaad5ce1f9a45565b83f25c271601e5  2008.1/x86_64/lib64edata-book2-2.22.3-1.2mdv2008.1.x86_64.rpm
 d29452a6255e90a6c021e4262dca8797  2008.1/x86_64/lib64edata-cal6-2.22.3-1.2mdv2008.1.x86_64.rpm
 cb16a0e0c5a22c72d34b603122a81d24  2008.1/x86_64/lib64edataserver9-2.22.3-1.2mdv2008.1.x86_64.rpm
 7f559ca0d7498fa7d70c4dab1f9cc8ae  2008.1/x86_64/lib64edataserver-devel-2.22.3-1.2mdv2008.1.x86_64.rpm
 a48581b50953bb080a40bbcd5e4b422e  2008.1/x86_64/lib64edataserverui8-2.22.3-1.2mdv2008.1.x86_64.rpm
 6ec96948b374a44491d6659083ba76bd  2008.1/x86_64/lib64egroupwise13-2.22.3-1.2mdv2008.1.x86_64.rpm
 3fa45afb3abbd3c77e254fda0da424eb  2008.1/x86_64/lib64exchange-storage3-2.22.3-1.2mdv2008.1.x86_64.rpm
 23f73c9a1405c768a49f62552c680cfa  2008.1/x86_64/lib64gdata1-2.22.3-1.2mdv2008.1.x86_64.rpm 
 49ea7ff50dfd16062fc0b67023849a54  2008.1/SRPMS/evolution-data-server-2.22.3-1.2mdv2008.1.src.rpm

2008.1 i586

 3be98e3222f18f7ad77f52cae18a3f53  2008.1/i586/evolution-data-server-2.22.3-1.2mdv2008.1.i586.rpm
 46835255c35dfdaf1143fd55449d81b7  2008.1/i586/libcamel11-2.22.3-1.2mdv2008.1.i586.rpm
 a97c396fb8672423112ee79d6bc006da  2008.1/i586/libcamel-provider11-2.22.3-1.2mdv2008.1.i586.rpm
 68bec1fe382f26707e631eb713225a49  2008.1/i586/libebook9-2.22.3-1.2mdv2008.1.i586.rpm
 87c10b897330b34b3d07ef1b07cb4a9f  2008.1/i586/libecal7-2.22.3-1.2mdv2008.1.i586.rpm
 fd3fba7ea5451dce1d0df1bd3fc60a16  2008.1/i586/libedata-book2-2.22.3-1.2mdv2008.1.i586.rpm
 64ca4e53ca5f7f4b2691b843953058ae  2008.1/i586/libedata-cal6-2.22.3-1.2mdv2008.1.i586.rpm
 7f76ed81e4c5437de49d197101aa7332  2008.1/i586/libedataserver9-2.22.3-1.2mdv2008.1.i586.rpm
 7f95a2a8b876df47c0b7ad62e8753160  2008.1/i586/libedataserver-devel-2.22.3-1.2mdv2008.1.i586.rpm
 0b1ed9835be5d7e57dd66b9140dd2268  2008.1/i586/libedataserverui8-2.22.3-1.2mdv2008.1.i586.rpm
 bc8a216136da73264f106ebda24ccb5b  2008.1/i586/libegroupwise13-2.22.3-1.2mdv2008.1.i586.rpm
 74ee765271a478ed654b75dee813256a  2008.1/i586/libexchange-storage3-2.22.3-1.2mdv2008.1.i586.rpm
 633e1f092cf81c404c74bdcec4714703  2008.1/i586/libgdata1-2.22.3-1.2mdv2008.1.i586.rpm 
 49ea7ff50dfd16062fc0b67023849a54  2008.1/SRPMS/evolution-data-server-2.22.3-1.2mdv2008.1.src.rpm

Referenzen