Synopsis: Critical: evolution security update Issue date: 2008-03-05 CVE Names: CVE-2008-0072 A format string flaw was found in the way Evolution displayed encrypted mail content. If a user opened a carefully crafted mail message, arbitrary code could be executed as the user running Evolution. (CVE-2008-0072) SL 4.x SRPMS: evolution-2.0.2-35.0.4.el4_6.1.src.rpm i386: evolution-2.0.2-35.0.4.el4_6.1.i386.rpm evolution-devel-2.0.2-35.0.4.el4_6.1.i386.rpm x86_64: evolution-2.0.2-35.0.4.el4_6.1.x86_64.rpm evolution-devel-2.0.2-35.0.4.el4_6.1.x86_64.rpm SL 5.x SRPMS: evolution-2.8.0-40.el5_1.1.src.rpm i386: evolution-2.8.0-40.el5_1.1.i386.rpm evolution-devel-2.8.0-40.el5_1.1.i386.rpm x86_64: evolution-2.8.0-40.el5_1.1.i386.rpm evolution-2.8.0-40.el5_1.1.x86_64.rpm evolution-devel-2.8.0-40.el5_1.1.i386.rpm evolution-devel-2.8.0-40.el5_1.1.x86_64.rpm -Connie Sieh -Troy Dawson