Synopsis: Critical: evolution security update
Issue date: 2008-06-04
CVE Names: CVE-2008-1108
A flaw was found in the way Evolution parsed iCalendar timezone attachment
data. If mail which included a carefully crafted iCalendar attachment was
opened, arbitrary code could be executed as the user running Evolution.
(CVE-2008-1108)
SL 3.0.x
SRPMS:
evolution-1.4.5-22.el3.src.rpm
i386:
evolution-1.4.5-22.el3.i386.rpm
evolution-devel-1.4.5-22.el3.i386.rpm
x86_64:
evolution-1.4.5-22.el3.x86_64.rpm
evolution-devel-1.4.5-22.el3.x86_64.rpm
SL 4.x
SRPMS:
evolution-2.0.2-35.0.4.el4_6.2.src.rpm
i386:
evolution-2.0.2-35.0.4.el4_6.2.i386.rpm
evolution-devel-2.0.2-35.0.4.el4_6.2.i386.rpm
x86_64:
evolution-2.0.2-35.0.4.el4_6.2.x86_64.rpm
evolution-devel-2.0.2-35.0.4.el4_6.2.x86_64.rpm
-Connie Sieh
-Troy Dawson