Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 717932 (CVE-2020-11879) - <mail-client/evolution-3.34.4-r1: Possible disclosure of local files by attachments (CVE-2020-11879)
Summary: <mail-client/evolution-3.34.4-r1: Possible disclosure of local files by attac...
Status: RESOLVED FIXED
Alias: CVE-2020-11879
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://gitlab.gnome.org/GNOME/evolut...
Whiteboard: B4 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-17 18:05 UTC by Sam James
Modified: 2020-05-03 23:39 UTC (History)
1 user (show)

See Also:
Package list:
mail-client/evolution-3.34.4-r1
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-17 18:05:30 UTC
Description:
"An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as demonstrated by an attach=.bash_history value."

Bug: https://gitlab.gnome.org/GNOME/evolution/issues/784
Patch: https://gitlab.gnome.org/GNOME/evolution/-/commit/6489f20d6905cc797e2b2581c415e558c457caa7
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-17 18:06:30 UTC
@maintainer(s), if possible, apply the provided patch. Let us know if it is not feasible.
Comment 2 Larry the Git Cow gentoo-dev 2020-04-17 18:21:41 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=38193445919ae80cf0e16c18bf96a254dc49117c

commit 38193445919ae80cf0e16c18bf96a254dc49117c
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2020-04-17 18:20:52 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2020-04-17 18:21:09 +0000

    mail-client/evolution: Fix CVE-2020-11879
    
    Bug: https://bugs.gentoo.org/717932
    Package-Manager: Portage-2.3.84, Repoman-2.3.20
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 mail-client/evolution/evolution-3.34.4-r1.ebuild   | 155 +++++++++++++++++++++
 .../evolution/files/3.34.4-CVE-2020-11879.patch    | 122 ++++++++++++++++
 2 files changed, 277 insertions(+)
Comment 3 Agostino Sarubbo gentoo-dev 2020-04-22 17:01:29 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2020-04-23 06:31:18 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.