Max Vozeler discovered an integer overflow in the helper application
camel-lock-helper which runs setuid root or setgid mail inside of
Evolution, a free grouware suite. A local attacker can cause the
setuid root helper to execute arbitrary code with elevated privileges
via a malicious POP server.
This is public already.
Message by NotZed:
Created attachment 49262 [details, diff]
Alastair/Mike please provide an updated ebuild.
There are two new ebuilds that include the patch - 2.0.2-r1 and 2.0.3-r1.
Currently, the keywords for evolution are as follows:
evolution-2.0.2.ebuild:KEYWORDS="x86 amd64 ppc sparc hppa ia64 ~mips alpha"
evolution-2.0.2-r1.ebuild:KEYWORDS="x86 ~amd64 ppc ~sparc ~hppa ~ia64 ~mips ~alpha"
evolution-2.0.3.ebuild:KEYWORDS="~x86 ~amd64 ~ppc ~sparc ~hppa ~ia64 ~mips ~alpha"
evolution-2.0.3-r1.ebuild:KEYWORDS="~x86 ~amd64 ~ppc ~sparc ~hppa ~ia64 ~mips ~alpha"
If all archs could please mark evolution-2.0.2-r1 stable now, and move to evolution-2.0.3-r1 as per usual.
Arches please test and mark stable.
closing again. Calling individual testers in a moment.
Sorry for the arch noise. This is still only semi-public.
Arches please test and mark 2.0.2-r1 stable:
amd64 -> slarti
sparc -> gustavoz
hppa -> gmsoft
ia64 -> agriffis
alpha -> kloeri
AMD64 done, thanks.
[ebuild NS ] mail-client/evolution-2.0.3-r1 +crypt -debug -doc -ipv6 -kerberos +ldap +mozilla -nntp -pda +spell +ssl 0 kB
Fails to build here with
* Scanning for a open DISPLAY to start Xvfb ...
* Unable to start Xvfb.
* '/usr/X11R6/bin/Xvfb :17 -screen 0 800x600x24' returns:
/var/cvsroot/gentoo-x86//eclass/virtualx.eclass: line 71: /usr/X11R6/bin/Xvfb: No such file or directory
* If possible, correct the above error and try your emerge again.
I do not have or use framebuffer support. adding liquidx@ to the CC: as he is the listed maintainer.
Removing liquidx. According to Obz he's no longer maintaining this. Obz please update metadata.xml and advise on current ebuild.
Solar see bug 76251 , regarding USE="minimal" xorg-x11 installs, somehow I missed it because it's assigned to azarah.
Ccing DerCorny for the GLSA draft
Public, since Ubuntu leaked it.
2.0.2-r1 stable on sparc.
sorry for the delay, but i usually lack X access to sparc during weekends.
hppa/ia64: please mark stable to benefit from GLSA.
Thanks to DerCorny for the draft.
Already stable on hppa. ebuild no longer in portage.