FS#9768 : evolution 2.12.3-1 CVE-2008-0072 security exploit

FS#9768 - evolution 2.12.3-1 CVE-2008-0072 security exploit

Attached to Project: Arch Linux
Opened by Paul Bredbury (brebs) - Thursday, 06 March 2008, 00:40 GMT
Last edited by Jan de Groot (JGC) - Thursday, 06 March 2008, 18:57 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	No-one
Architecture	All
Severity	High
Priority	Normal
Reported Version	2007.08-2
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Hi, a new "execution of arbitrary code" bug exists, from opening a specially-crafted encrypted email:
http://secunia.com/advisories/29057/
http://bugs.gentoo.org/show_bug.cgi?id=212272

I propose to include the fix in the Arch package, as in the Gentoo ebuild:
http://sources.gentoo.org/viewcvs.py/gentoo-x86/mail-client/evolution/

Download the patch:
wget http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/mail-client/evolution/files/evolution-CVE-2008-0072.patch

And enclosed is a diff for the change to the PKGBUILD :)

PKGBUILD.diff (0.9 KiB)

This task depends upon

Closed by Jan de Groot (JGC)
Thursday, 06 March 2008, 18:57 GMT
Reason for closing: Fixed

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#9768 - evolution 2.12.3-1 CVE-2008-0072 security exploit

Details

Loading...