Evolution is the GNOME collection of personal information management (PIM)
tools.
A format string bug was found in Evolution. If a user tries to save a
carefully crafted meeting or appointment, arbitrary code may be executed as
the user running Evolution. The Common Vulnerabilities and Exposures
project has assigned the name CAN-2005-2550 to this issue.
Additionally, several other format string bugs were found in Evolution. If
a user views a malicious vCard, connects to a malicious LDAP server, or
displays a task list from a malicious remote server, arbitrary code may be
executed as the user running Evolution. The Common Vulnerabilities and
Exposures project has assigned the name CAN-2005-2549 to this issue. Please
note that this issue only affects Red Hat Enterprise Linux 4.
All users of Evolution should upgrade to these updated packages, which
contain a backported patch which resolves this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | evolution | < 2.0.2-16.3 | evolution-2.0.2-16.3.ia64.rpm |
RedHat | any | src | evolution | < 2.0.2-16.3 | evolution-2.0.2-16.3.src.rpm |
RedHat | any | i386 | evolution-devel | < 2.0.2-16.3 | evolution-devel-2.0.2-16.3.i386.rpm |
RedHat | any | ppc | evolution | < 2.0.2-16.3 | evolution-2.0.2-16.3.ppc.rpm |
RedHat | any | x86_64 | evolution | < 2.0.2-16.3 | evolution-2.0.2-16.3.x86_64.rpm |
RedHat | any | s390x | evolution | < 2.0.2-16.3 | evolution-2.0.2-16.3.s390x.rpm |
RedHat | any | s390 | evolution-devel | < 2.0.2-16.3 | evolution-devel-2.0.2-16.3.s390.rpm |
RedHat | any | i386 | evolution | < 2.0.2-16.3 | evolution-2.0.2-16.3.i386.rpm |
RedHat | any | s390x | evolution-devel | < 2.0.2-16.3 | evolution-devel-2.0.2-16.3.s390x.rpm |
RedHat | any | s390 | evolution | < 2.0.2-16.3 | evolution-2.0.2-16.3.s390.rpm |