Lucene search

K
osvGoogleOSV:DSA-1512-1
HistoryMar 05, 2008 - 12:00 a.m.

evolution - remote code execution

2008-03-0500:00:00
Google
osv.dev
7

EPSS

0.435

Percentile

97.4%

Ulf Härnhammar discovered that Evolution, the e-mail and groupware suite,
had a format string vulnerability in the parsing of encrypted mail messages.
If the user opened a specially crafted email message, code execution was
possible.

For the stable distribution (etch), this problem has been fixed in version
2.6.3-6etch2.

For the old stable distribution (sarge), this problem has been fixed in
version 2.0.4-2sarge3. Some architectures have not yet completed building
the updated package for sarge, they will be added as they come available.

For the unstable distribution (sid), this problem has been fixed in
version 2.12.3-1.1.

We recommend that you upgrade your evolution package.

CPENameOperatorVersion
evolutioneq2.6.3-6etch1
evolutioneq2.6.3-6