Oval Definition:oval:com.redhat.rhsa:def:20050267
Revision Date:2005-08-29Version:502
Title:RHSA-2005:267: Evolution security update (Important)
Description:Evolution is the GNOME collection of personal information management (PIM) tools.

A format string bug was found in Evolution. If a user tries to save a carefully crafted meeting or appointment, arbitrary code may be executed as the user running Evolution. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2550 to this issue.

Additionally, several other format string bugs were found in Evolution. If a user views a malicious vCard, connects to a malicious LDAP server, or displays a task list from a malicious remote server, arbitrary code may be executed as the user running Evolution. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2549 to this issue. Please note that this issue only affects Red Hat Enterprise Linux 4.

All users of Evolution should upgrade to these updated packages, which contain a backported patch which resolves this issue.
Family:unixClass:patch
Status:Reference(s):CVE-2005-2549
CVE-2005-2550
RHSA-2005:267-01
Platform(s):Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • evolution is earlier than 0:1.4.5-16
  • AND evolution is signed with Red Hat master key
  • evolution-devel is earlier than 0:1.4.5-16
  • AND evolution-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • evolution is earlier than 0:2.0.2-16.3
  • AND evolution is signed with Red Hat master key
  • evolution-devel is earlier than 0:2.0.2-16.3
  • AND evolution-devel is signed with Red Hat master key
    • BACK