Date: Tue, 25 Jan 2005 01:57:41 +0100
From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: gnome@FreeBSD.org
Subject: Security vulnerability in evolution
Message-ID: <20050125005740.GB815@zaphod.nitro.dk>

Hello evolution maintainers

As recently documented in the FreeBSD VuXML document [1] there is a
security vulnerability in evolution. A patch, obtained from Debian
Linux, is attached or an upstream version can be found at [2] (I don't
know which patch is "best").

Please update the port as soon as possible. Thanks in advance.

[1] http://vuxml.FreeBSD.org/b8943e61-6e68-11d9-a9e7-0001020eed82.html
[2] http://cvs.gnome.org/viewcvs/evolution/camel/camel-lock-helper.c?rev=1.7&view=log#rev1.5.74.1

-- 
Simon L. Nielsen
FreeBSD Security Team

Content-Disposition: attachment; filename=security_CAN-2005-0102

--- evolution-1.0.5.orig/camel/camel-lock-helper.c 2001-10-27 18:59:27.000000000 +0200 +++ evolution-1.0.5/camel/camel-lock-helper.c 2005-01-21 16:57:44.000000000 +0100 @@ -360,6 +360,8 @@ int main(int argc, char **argv) switch(msg.id) { case CAMEL_LOCK_HELPER_LOCK: res = CAMEL_LOCK_HELPER_STATUS_NOMEM; + if (msg.data+1 < msg.data) + break; path = malloc(msg.data+1); if (path != NULL) { res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
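
Review bot: the added guard `if (msg.data+1 < msg.data)` in the CAMEL_LOCK_HELPER_LOCK case rejects only the single value at which `msg.data+1` wraps, and it is reliable only if `msg.data` is an unsigned type, which the hunk does not show; for a signed type the overflow is undefined and a compiler may drop the test. Comparing `msg.data` against an explicit maximum path length before the addition would cover both cases and would also bound the size passed to `malloc(msg.data+1)`. The early `break` also leaves `res` at CAMEL_LOCK_HELPER_STATUS_NOMEM, so a malformed length is reported as an out-of-memory condition; CAMEL_LOCK_HELPER_STATUS_PROTOCOL, which the context lines show is already used in this case, would describe it more accurately.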