Bug 79183 - mail-client/evolution CAN-2005-0102: Arbitrary code execution
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: High major
Assignee: Gentoo Security
URL: http://www.ubuntulinux.org/support/do...
Whiteboard: A2 [glsa] jaervosz
Depends on: 76251
Reported: 2005-01-23 02:35 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2006-03-23 19:31 UTC (History)


Attachments
CAN-2005-0102.patch (CAN-2005-0102.patch,467 bytes, patch)
2005-01-23 02:38 UTC, Sune Kloppenborg Jeppesen (RETIRED)

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-23 02:35:59 UTC
Max Vozeler discovered an integer overflow in the helper application
camel-lock-helper which runs setuid root or setgid mail inside of
Evolution, a free groupware suite.  A local attacker can cause the
setuid root helper to execute arbitrary code with elevated privileges
via a malicious POP server.

This is public already.

Message by NotZed:
http://lists.ximian.com/archives/public/evolution-patches/2005-January/008672.html

CVS commit:
http://cvs.gnome.org/viewcvs/evolution/camel/camel-lock-helper.c?rev=1.7&hideattic=0&view=log
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-23 02:38:32 UTC
Created attachment 49262
CAN-2005-0102.patch
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-23 02:41:04 UTC
Alastair/Mike please provide an updated ebuild.
Comment 3 Mike Gardiner (RETIRED) gentoo-dev 2005-01-23 04:08:18 UTC
There are two new ebuilds that include the patch - 2.0.2-r1 and 2.0.3-r1. 

Currently, the keywords for evolution are as follows:

evolution-2.0.2.ebuild:KEYWORDS="x86 amd64 ppc sparc hppa ia64 ~mips alpha"
evolution-2.0.2-r1.ebuild:KEYWORDS="x86 ~amd64 ppc ~sparc ~hppa ~ia64 ~mips ~alpha"
evolution-2.0.3.ebuild:KEYWORDS="~x86 ~amd64 ~ppc ~sparc ~hppa ~ia64 ~mips ~alpha"
evolution-2.0.3-r1.ebuild:KEYWORDS="~x86 ~amd64 ~ppc ~sparc ~hppa ~ia64 ~mips ~alpha"

If all archs could please mark evolution-2.0.2-r1 stable now, and move to evolution-2.0.3-r1 as per usual.
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-23 04:16:54 UTC
Opening bug.

Arches please test and mark stable.
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-23 04:24:12 UTC
Closing again. Calling individual testers in a moment.
Comment 6 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-23 04:32:38 UTC
Sorry for the arch noise. This is still only semi-public.

Arches please test and mark 2.0.2-r1 stable:

amd64 -> slarti
sparc -> gustavoz
hppa -> gmsoft
ia64 -> agriffis
alpha -> kloeri
Comment 7 Tom Martin (RETIRED) gentoo-dev 2005-01-23 07:11:16 UTC
AMD64 done, thanks.
Comment 8 solar (RETIRED) gentoo-dev 2005-01-23 13:41:03 UTC
[ebuild  NS   ] mail-client/evolution-2.0.3-r1  +crypt -debug -doc -ipv6 -kerberos +ldap +mozilla -nntp -pda +spell +ssl 0 kB

Fails to build here with

* Scanning for a open DISPLAY to start Xvfb ...
 * 
 * Unable to start Xvfb.
 * 
 * '/usr/X11R6/bin/Xvfb :17 -screen 0 800x600x24' returns:
 * 
/var/cvsroot/gentoo-x86//eclass/virtualx.eclass: line 71: /usr/X11R6/bin/Xvfb: No such file or directory
 * 
 * If possible, correct the above error and try your emerge again.
 * 
--------------------------------------------------------------------
I do not have or use framebuffer support. Adding liquidx@ to the CC: as he is the listed maintainer.
Comment 9 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-23 13:50:33 UTC
Removing liquidx. According to Obz he's no longer maintaining this. Obz please update metadata.xml and advise on current ebuild.
Comment 10 Mike Gardiner (RETIRED) gentoo-dev 2005-01-23 17:53:21 UTC
Solar, see bug 76251, regarding USE="minimal" xorg-x11 installs. Somehow I missed it because it's assigned to azarah.

Comment 11 Thierry Carrez (RETIRED) gentoo-dev 2005-01-24 05:52:54 UTC
Ccing DerCorny for the GLSA draft
Comment 12 Thierry Carrez (RETIRED) gentoo-dev 2005-01-24 07:36:13 UTC
Public, since Ubuntu leaked it.
Comment 13 Gustavo Zacarias (RETIRED) gentoo-dev 2005-01-24 07:56:18 UTC
2.0.2-r1 stable on sparc.
Sorry for the delay, but I usually lack X access to sparc during weekends.
Comment 14 Bryan Østergaard (RETIRED) gentoo-dev 2005-01-24 11:28:37 UTC
Alpha stable.
Comment 15 Luke Macken (RETIRED) gentoo-dev 2005-01-24 13:43:25 UTC
GLSA 200501-35

hppa/ia64: please mark stable to benefit from GLSA.

Thanks to DerCorny for the draft.
Comment 16 René Nussbaumer (RETIRED) gentoo-dev 2005-06-26 05:46:20 UTC
Already stable on hppa. ebuild no longer in portage.