Summary: | mail-client/evolution Multiple format string vulnerabilities (CAN-2005-25{49|50}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome, liquidx, obz |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0277.html | ||
Whiteboard: | B2 [glsa] DerCorny | ||
Package list: | Runtime testing required: | --- |
Description
Sune Kloppenborg Jeppesen (RETIRED)
2005-08-10 13:06:52 UTC
obz, liquidx: please bump or apply proposed fix. Pulling in the rest of the Gnome herd. We're late on this one, please bump evolution with proposed patch or advise. Heres the link to the patch for reference, its a tad difficult to find on the site. http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html http://www.sitic.se/dokument/evolution.formatstring.patch patched, tested patch / compile, committed as: evolution-2.2.3-r3.ebuild Arches, please test evolution-2.2.3-r3 and mark stable, thanks. Stable on SPARC. Stable on hppa This is CAN-2005-2550, http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2550 No, it's CAN-2005-2549 and CAN-2005-2550. // Ulf Harnhammar Hui, the VIPs are watching us :) Thanks for the headsup! Stable on amd64 Stable on the almighty alpha architecture ! Cheers, Ferdy Stable on ppc. All security covered arches marked stable, should be ready for GLSA Stable on ia64. GLSA 200508-12. Thanks to everbody who helped. |