evolution 2.22.2-0ubuntu1.2 source package in Ubuntu

Changelog

evolution (2.22.2-0ubuntu1.2) hardy-security; urgency=low

  * SECURITY UPDATE: buffer overflow via timezone data in crafted ical
    attachments
  * debian/patches/99_00_CVE-2008-1108.patch: adjust
    calendar/gui/e-itip-control.c to use a GString rather than a fixed-size
    buffer to build the HTML string to avoid the possibility of an overflow.
  * SECURITY UPDATE: heap-based overflow via crafted ical attachments with
    long DESCRIPTION
  * debian/patches/99_01_CVE-2008-1109.patch: adjust calendar/gui/itip-utils.c
    to not use a fixed-size buffer for parsing external data. Simplify the
    logic to just split and rejoin the string with a different line separator.
  * SECURITY UPDATE: remotely triggered denial of service
  * debian/patches/99_02_bug535459.patch: add sanity checks and don't use
    component when checks fail in plugins/itip-formatter.c, gui/itip-utils.h,
    gui/itip-utils.c, gui/e-itip-control.c
  * References
    CVE-2008-1108
    CVE-2008-1109
    http://bugzilla.gnome.org/show_bug.cgi?id=535459

 -- Jamie Strandboge <email address hidden>   Thu, 05 Jun 2008 06:34:50 -0400

Upload details

Uploaded by:
Jamie Strandboge on 2008-06-06
Uploaded to:
Hardy
Original maintainer:
Ubuntu Desktop
Architectures:
any
Section:
mail
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
evolution_2.22.2.orig.tar.gz 35.4 MiB d3808277aee0e1d5c34d623e0bacd0c479d36c9836db81d6ed9ff639a8f0378b
evolution_2.22.2-0ubuntu1.2.diff.gz 44.4 KiB 96f89c238a7227def93404f119a98593bc37c2b2e539578122fa5217126f78c3
evolution_2.22.2-0ubuntu1.2.dsc 2.1 KiB fa2e6ca34b9df96bb0ef660db43a944a878da2cc150574640246f41779c06761

View changes file

Binary packages built by this source

evolution: No summary available for evolution in ubuntu hardy.

No description available for evolution in ubuntu hardy.

evolution-common: No summary available for evolution-common in ubuntu hardy.

No description available for evolution-common in ubuntu hardy.

evolution-dbg: No summary available for evolution-dbg in ubuntu hardy.

No description available for evolution-dbg in ubuntu hardy.

evolution-dev: No summary available for evolution-dev in ubuntu hardy.

No description available for evolution-dev in ubuntu hardy.

evolution-plugins: No summary available for evolution-plugins in ubuntu hardy.

No description available for evolution-plugins in ubuntu hardy.

evolution-plugins-experimental: No summary available for evolution-plugins-experimental in ubuntu hardy.

No description available for evolution-plugins-experimental in ubuntu hardy.