http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2006-03/msg00022.html
Waiting on upstream...
Can't find a reference upstream. Gnome team, could you check and maybe file a bug in the unlikely case there isn't one?
Maybe linked to/the same as bug 127323?
It's apparently not the same... but that doesn't help.
This was not a direct issue to evolution, it is related to gtkhtml, the bug should push forward to and see about marking 3.10.1 or a slightly older version stable.
Url is to upstream bug report.
Trying this on 3.11.1 (current development version of gtkhtml), it took ~1 minute to render, and took ~650MB of RAM. I'd say that nothing has changed, and the original reporter had <512MB of RAM. That would swap pretty hard, and make your system fairly unusable.
gnome-office, according to the CVE and Secunia entries 2.6.2 is not affected by this. Please advise.
Any news on this one?
Sune: I'm not from gnome-office but... This is not a bug in evolution itself but in the GTKHTML renderer, which reproduces perfectly in gtkhtml-3.12.3. The influence of this bug can be reproduced in evolution-2.8.3 and I do not see any reason why this could not be reproduced in evolution-2.6.2. At least I can remember messages which could eat the whole memory and crash evolution in the same way as described. I do not know where people took the "affected evolution versions" from. I think that the workaround suggested in gnome bugzilla should be applied. But currently that patch does not work here and I am waiting for their response on comment #24 in gnome bugzilla... Also it would be very interesting to see what redhat has in their bugzilla but I do not have access there.
Thanks Volkov... do you think this bug is still relevant or obsolete now?
This issue still is not fixed so it's still relevant. Upstream patch is not working here as it should. I've contacted Srinivasa Ragavan, author of that patch and he answered: "I am currently OOF/Town. I will get back to you in a weeks time." So again, waiting upstream...
(In reply to comment #13)
> This issue still is not fixed so it's still relevant. Upstream patch is not
> working here as it should. I've contacted Srinivasa Ragavan, author of that
> patch and he answered:
>
> "I am currently OOF/Town. I will get back to you in a weeks time."
>
> So again, waiting upstream...

Alright. I'll ping again within some weeks.
Well. I've received explanations: That patch checks for on-disk letter size instead of rendered in-memory. So actually the patch works but it does not prevent all possible out-of-memory conditions which could occur during letter rendering with gtkhtml... To fix this bug. Hm... Of course a proper fix should be applied to the gtkhtml library. But I do not currently have time to delve into that library, thus I suggest just following upstream and applying the patch they think fixes the issue.
Created attachment 113451: Upstream patch.
Hi Peter, can you provide a new ebuild with these patches if you think they are good, please? Unless it's already done... thanks!
This is fixed in >=evolution-2.8.3-r2 which should be stabilized together with gnome-2.16.3.
Awaiting Gnome stabilization on bug #171107
evolution-2.8.3-r2 is stable on all supported arches.
Fixed by GLSA 200706-02 with the code exec vulnerability (CVE-2007-1002), thanks everybody. Feel free to reopen if you disagree.