evolution 2.10.1-0ubuntu2.4 source package in Ubuntu
Changelog
evolution (2.10.1-0ubuntu2.4) feisty-security; urgency=low
* SECURITY UPDATE: buffer overflow via timezone data in crafted ical
attachments
* debian/patches/99_01_CVE-2008-1108.patch: adjust
calendar/gui/e-itip-control.c to use a GString rather than a fixed-size
buffer to build the HTML string to avoid the possibility of an overflow.
* SECURITY UPDATE: heap-based overflow via crafted ical attachments with
long DESCRIPTION
* debian/patches/99_02_CVE-2008-1109.patch: adjust calendar/gui/itip-utils.c
to not use a fixed-size buffer for parsing external data. Simplify the
logic to just split and rejoin the string with a different line separator.
* SECURITY UPDATE: remotely triggered denial of service
* debian/patches/99_03_bug535459.patch: add sanity checks and don't use
component when checks fail in plugins/itip-formatter.c, gui/itip-utils.h,
gui/itip-utils.c, gui/e-itip-control.c
* References
CVE-2008-1108
CVE-2008-1109
http://bugzilla.gnome.org/show_bug.cgi?id=535459
-- Jamie Strandboge <email address hidden> Thu, 05 Jun 2008 07:09:56 -0400
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Feisty
- Original maintainer:
- Ubuntu Desktop
- Architectures:
- any
- Section:
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| evolution_2.10.1.orig.tar.gz | 19.9 MiB | 35fbcb90798fac07dba82ffc6c41e7e0ef9549b5132e58811df831842114d82d |
| evolution_2.10.1-0ubuntu2.4.diff.gz | 209.8 KiB | 63e6e21e5b13633a680f5eb2610c43c2de24c446964150cdabff4e384277c629 |
| evolution_2.10.1-0ubuntu2.4.dsc | 2.0 KiB | e457b437fbd765c8826f2844bfe0a5ddb272c6fa055824f76565425991720e21 |
Available diffs
Binary packages built by this source
- evolution: No summary available for evolution in ubuntu feisty.
No description available for evolution in ubuntu feisty.
- evolution-common: No summary available for evolution-common in ubuntu feisty.
No description available for evolution-common in ubuntu feisty.
- evolution-dbg: No summary available for evolution-dbg in ubuntu feisty.
No description available for evolution-dbg in ubuntu feisty.
- evolution-dev: No summary available for evolution-dev in ubuntu feisty.
No description available for evolution-dev in ubuntu feisty.
- evolution-plugins: No summary available for evolution-plugins in ubuntu feisty.
No description available for evolution-plugins in ubuntu feisty.
- evolution-plugins-experimental: No summary available for evolution-plugins-experimental in ubuntu feisty.
No description available for evolution-
plugins- experimental in ubuntu feisty.
