CVE-2009-0587 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0587): Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel.
Patches: http://ocert.org/patches/2008-015/evc-CVE-2009-0587.diff http://ocert.org/patches/2008-015/camel-CVE-2009-0587.diff
I couldn't find any reference to the code in those patches in either 2.22.3-r2 or 2.24.5-r2, am I missing something or is it refering to only 2.24 series that we won't stabilize ?
The version numbers in the CVE entry (and in the oCert advisory) are misleading. This has been fixed since at least EDS 2.21.1 as can be seen in the changelog entries: http://svn.gnome.org/viewvc/evolution-data-server/tags/EVOLUTION_DATA_SERVER_2_21_1/addressbook/ChangeLog?revision=8170&view=markup&sortby=rev 67 2007-09-27 Matthew Barnes <mbarnes@redhat.com> 68 69 ** Fixes part of bug #474000 70 71 * tests/ebook/test-photo.c (main): 72 Use GLib's Base64 API instead of EVCard's. http://svn.gnome.org/viewvc/evolution-data-server/tags/EVOLUTION_DATA_SERVER_2_21_1/camel/ChangeLog?revision=8170&view=markup&sortby=rev 53 2007-09-27 Matthew Barnes <mbarnes@redhat.com> 54 55 ** Fixes part of bug #474000 56 57 * camel-mime-utils.c: 58 * camel-mime-utils.h: 59 Deprecate Camel's Base64 API and make the functions thin wrappers 60 for GLib's Base64 API. 61 62 * camel-multipart.c (set_boundary): 63 * camel-vee-folder.c (camel_vee_folder_hash_folder): 64 * camel-mime-filter-basic.c (complete): 65 * camel-sasl-digest-md5.c (generate_response): 66 * camel-http-stream.c (camel_http_stream_set_proxy): 67 * camel-sasl.c (camel_sasl_challenge_base64): 68 Use GLib's Base64 API instead of Camel's.