[Evolution] CVE-2005-2549 CVE-2005-2550: Arbitrary code execution in Evolution

Martin Schulze joey at infodrom.org
Mon Mar 13 12:53:08 UTC 2006


Ulf Härnhammar discovered several format string vulnerabilities in
Evolution, a free groupware suite, that could lead to crashes of the
application or the execution of arbitrary code.

http://marc.theaimsgroup.com/?l=full-disclosure&m=112368237712032&w=2

This mail contains a patch.

Please
 . update the package in sid
 . mention the CVE id from the subject in the changelog
 . tell me the version number of the fixed package
 . use urgency=high

Regards,

	Joey

-- 
The only stupid question is the unasked one.

Please always Cc to me when replying to me on the lists.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-evolution-maintainers/attachments/20060313/ab9cd775/attachment.pgp


More information about the Pkg-evolution-maintainers mailing list