Advisories

Mandriva Advisories

Package name	evolution
Date	April 15th, 2003
Advisory ID	MDKSA-2003:045
Affected versions	9.0, 9.1
Synopsis	Updated evolution packages fix multiple vulnerabilities

Problem Description

Several vulnerabilities were discovered in the Evolution email client.
These problems make it possible for a carefully constructed email
message to crash the program, causing general system instability by
starving resources.

Updated Packages

Mandrakelinux 9.0

 4017fce554fd77f98e0d9bb233d633d1  9.0/RPMS/evolution-1.0.8-3.1mdk.i586.rpm
6bca540121a25581c3406ec0b7395da3  9.0/RPMS/evolution-pilot-1.0.8-3.1mdk.i586.rpm
a0f94f81909464a35106a1160b26da04  9.0/RPMS/libevolution0-1.0.8-3.1mdk.i586.rpm
9f7ffdb41787bd97b9e26499f3ad450b  9.0/RPMS/libevolution0-devel-1.0.8-3.1mdk.i586.rpm
2617a839bcd46a13a94a9b503152980d  9.0/SRPMS/evolution-1.0.8-3.1mdk.src.rpm

Mandrakelinux 9.1

 b4e86a65afa57dd4968c1ef8c3ba6b70  9.1/RPMS/evolution-1.2.4-1.1mdk.i586.rpm
b244e928c223e91e4722585b04c3f879  9.1/RPMS/evolution-pilot-1.2.4-1.1mdk.i586.rpm
a67811e02cc04481617b528149046b99  9.1/RPMS/libevolution0-1.2.4-1.1mdk.i586.rpm
3af2441bcdc1899c54ee74b6674ca696  9.1/RPMS/libevolution0-devel-1.2.4-1.1mdk.i586.rpm
2e12234f74a5c87b46da7542f9af8da5  9.1/SRPMS/evolution-1.2.4-1.1mdk.src.rpm

Mandrakelinux 9.1/PPC

 e42479764a609b975755a7bcc3f4b921  ppc/9.1/RPMS/evolution-1.2.4-1.1mdk.ppc.rpm
38f45195f20c78fb68d694bfc8acc9b3  ppc/9.1/RPMS/evolution-pilot-1.2.4-1.1mdk.ppc.rpm
5fc381b620484c57987cc20c0181a3e3  ppc/9.1/RPMS/libevolution0-1.2.4-1.1mdk.ppc.rpm
4edf8acf04219ab72339f4786e690d06  ppc/9.1/RPMS/libevolution0-devel-1.2.4-1.1mdk.ppc.rpm
2e12234f74a5c87b46da7542f9af8da5  ppc/9.1/SRPMS/evolution-1.2.4-1.1mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0130

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer