MDKSA-2005:024
- Package name
- evolution
- Date
- 2005-01-27
- Advisory ID
- MDKSA-2005:024
- Affected versions
- 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , 10.1 x86_64
Problem description
Max Vozeler discovered an integer overflow in the camel-lock-helper application. This application is installed setgid mail by default. A local attacker could exploit this to execute malicious code with the privileges of the "mail" group; likewise a remote attacker could setup a malicious POP server to execute arbitrary code when an Evolution user connects to it. The updated packages have been patched to prevent this problem.
Updated packages
10.0 amd64
2cbb561ccbd6a2a30c4830e4bdae4c17 amd64/10.0/RPMS/evolution-1.4.6-5.1.100mdk.amd64.rpm 35673a1c5f7c595930def4776bfeba12 amd64/10.0/RPMS/evolution-devel-1.4.6-5.1.100mdk.amd64.rpm 091ef5247fce276a0c8fffd3efd2d967 amd64/10.0/RPMS/evolution-pilot-1.4.6-5.1.100mdk.amd64.rpm cc0058793a3353fd9d420da898e42213 amd64/10.0/SRPMS/evolution-1.4.6-5.1.100mdk.src.rpm
10.1 i586
0b3320cd8f1209071dbb38de3f5f4c62 10.1/RPMS/evolution-2.0.3-1.2.101mdk.i586.rpm d7cf293651f49ef222da230f4ad3cb2d 10.1/RPMS/evolution-devel-2.0.3-1.2.101mdk.i586.rpm 89f0d1b662517cb0756eec458cd6c234 10.1/RPMS/evolution-pilot-2.0.3-1.2.101mdk.i586.rpm ee51751a3cabf18e53bd1e3092da3223 10.1/SRPMS/evolution-2.0.3-1.2.101mdk.src.rpm
10.0 i586
3397788a5d8a84d8fd1294225bdfa546 10.0/RPMS/evolution-1.4.6-5.1.100mdk.i586.rpm 0e2280ac393ca059ae4d19b3db8289ee 10.0/RPMS/evolution-devel-1.4.6-5.1.100mdk.i586.rpm 6d1f2aa61768f1cebeeb5454abbc4a67 10.0/RPMS/evolution-pilot-1.4.6-5.1.100mdk.i586.rpm cc0058793a3353fd9d420da898e42213 10.0/SRPMS/evolution-1.4.6-5.1.100mdk.src.rpm
CS3.0 x86_64
194f59a32369684d6642067924937dcd x86_64/corporate/3.0/RPMS/evolution-1.4.6-5.1.C30mdk.x86_64.rpm 79de9373078067bc09779afb01b2a2f1 x86_64/corporate/3.0/RPMS/evolution-devel-1.4.6-5.1.C30mdk.x86_64.rpm a050fc93565161d237e141feb014c9f1 x86_64/corporate/3.0/RPMS/evolution-pilot-1.4.6-5.1.C30mdk.x86_64.rpm 854f366f4a1c868e905888a46d06603a x86_64/corporate/3.0/SRPMS/evolution-1.4.6-5.1.C30mdk.src.rpm
CS3.0 i586
6a8867e05261d45f89ff09e9cb05ff31 corporate/3.0/RPMS/evolution-1.4.6-5.1.C30mdk.i586.rpm a9a7a5c41a121178a2fffbff6a8764a3 corporate/3.0/RPMS/evolution-devel-1.4.6-5.1.C30mdk.i586.rpm 4d6f9b339eb9cc545e9b562d8223fca8 corporate/3.0/RPMS/evolution-pilot-1.4.6-5.1.C30mdk.i586.rpm 854f366f4a1c868e905888a46d06603a corporate/3.0/SRPMS/evolution-1.4.6-5.1.C30mdk.src.rpm
10.1 x86_64
984eae27bc6fbebcf32002ba61b17670 x86_64/10.1/RPMS/evolution-2.0.3-1.2.101mdk.x86_64.rpm 8bc7680f0095b4153a882716f8485daf x86_64/10.1/RPMS/evolution-devel-2.0.3-1.2.101mdk.x86_64.rpm 3db68c56395c13a3fe458645bb1c9975 x86_64/10.1/RPMS/evolution-pilot-2.0.3-1.2.101mdk.x86_64.rpm ee51751a3cabf18e53bd1e3092da3223 x86_64/10.1/SRPMS/evolution-2.0.3-1.2.101mdk.src.rpm