FS#9768 - evolution 2.12.3-1 CVE-2008-0072 security exploit
Attached to Project:
Arch Linux
Opened by Paul Bredbury (brebs) - Thursday, 06 March 2008, 00:40 GMT
Last edited by Jan de Groot (JGC) - Thursday, 06 March 2008, 18:57 GMT
Opened by Paul Bredbury (brebs) - Thursday, 06 March 2008, 00:40 GMT
Last edited by Jan de Groot (JGC) - Thursday, 06 March 2008, 18:57 GMT
|
Details
Hi, a new "execution of arbitrary code" bug exists, from
opening a specially-crafted encrypted email:
http://secunia.com/advisories/29057/ http://bugs.gentoo.org/show_bug.cgi?id=212272 I propose to include the fix in the Arch package, as in the Gentoo ebuild: http://sources.gentoo.org/viewcvs.py/gentoo-x86/mail-client/evolution/ Download the patch: wget http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/mail-client/evolution/files/evolution-CVE-2008-0072.patch And enclosed is a diff for the change to the PKGBUILD :) |
This task depends upon