Evolution is the integrated collection of e-mail, calendaring, contact
management, communications and personal information management (PIM) tools
for the GNOME desktop environment.
A flaw was found in the way Evolution parsed iCalendar timezone attachment
data. If mail which included a carefully crafted iCalendar attachment was
opened, arbitrary code could be executed as the user running Evolution.
(CVE-2008-1108)
Red Hat would like to thank Alin Rad Pop of Secunia Research for
responsibly disclosing this issue.
All users of Evolution should upgrade to these updated packages, which
contains a backported patch which resolves this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | ppc | evolution | < 2.0.2-35.0.4.el4_5.2 | evolution-2.0.2-35.0.4.el4_5.2.ppc.rpm |
RedHat | 4 | s390 | evolution | < 2.0.2-35.0.4.el4_5.2 | evolution-2.0.2-35.0.4.el4_5.2.s390.rpm |
RedHat | 4 | ia64 | evolution-devel | < 2.0.2-35.0.4.el4_5.2 | evolution-devel-2.0.2-35.0.4.el4_5.2.ia64.rpm |
RedHat | 4 | i386 | evolution-devel | < 2.0.2-35.0.4.el4_5.2 | evolution-devel-2.0.2-35.0.4.el4_5.2.i386.rpm |
RedHat | 4 | x86_64 | evolution | < 2.0.2-35.0.4.el4_5.2 | evolution-2.0.2-35.0.4.el4_5.2.x86_64.rpm |
RedHat | 4 | src | evolution | < 2.0.2-35.0.4.el4_5.2 | evolution-2.0.2-35.0.4.el4_5.2.src.rpm |
RedHat | 4 | s390 | evolution-devel | < 2.0.2-35.0.4.el4_5.2 | evolution-devel-2.0.2-35.0.4.el4_5.2.s390.rpm |
RedHat | 4 | i386 | evolution | < 2.0.2-35.0.4.el4_5.2 | evolution-2.0.2-35.0.4.el4_5.2.i386.rpm |
RedHat | 4 | s390x | evolution-devel | < 2.0.2-35.0.4.el4_5.2 | evolution-devel-2.0.2-35.0.4.el4_5.2.s390x.rpm |
RedHat | 4 | ppc | evolution-devel | < 2.0.2-35.0.4.el4_5.2 | evolution-devel-2.0.2-35.0.4.el4_5.2.ppc.rpm |