security updates for Evolution

Subject: security updates for Evolution
From: Jim Gribbin (jewelrysupplier@gci.net)
Date: Fri Mar 21 2003 - 17:00:32 AKST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: jonr@destar.net: "software audit"
• Previous message: Greg Jetter: "Re: an opinion, please..."

Severity: Security
Product: Evolution Mail
Keywords: Evolution crash uudecode bonobo
References:
  Core Security Advisory
    http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10
  CAN-2003-0128
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0128
  CAN-2003-0129
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0129
  CAN-2003-0130
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0130

Multiple vulnerabilities have been found in Evolution versions below
1.2.3. These vulnerabilities make it possible for a carefully crafted
email to crash the program, cause general system instability through
resource starvation and get around security measures implemented within
the program.

Jim Gribbin

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: jonr@destar.net: "software audit"
• Previous message: Greg Jetter: "Re: an opinion, please..."

This archive was generated by hypermail 2a23 : Fri Mar 21 2003 - 16:56:07 AKST