CVE-2009-1631 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1631): The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files.
There is no fix yet as per http://bugzilla.gnome.org/show_bug.cgi?id=581604. Resetting status whiteboard.
upstream had a fix commited to 2.30.
2.30 has been in tree for a couple of weeks now.
Is it ok to go stable now?
well, it's already being tracked in gnome 2.30 stabilization request (bug #324077), so yes :)
Stablization completed in 324077. GLSA Vote: No.
Old -> GLSA Vote: No.
(In reply to comment #7) > Old -> GLSA Vote: No. > Thank you. Closing noglsa.