Gentoo Archives: gentoo-announce

From: Seemant Kulleen <seemant@g.o>
To: gentoo-announce@g.o, gentoo-security@g.o, lwn@×××.net
Subject: [gentoo-announce] Evolution memory bug
Date: Fri, 03 May 2002 17:30:47
Message-Id: 20020503153045.22c3b580.seemant@gentoo.org
- -----------------------------------------------------------------------
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------
PACKAGE         : evolution
SUMMARY         : security vulnerability in evolution
DATE            : Fri May  3 21:26:24 UTC 2002
- -----------------------------------------------------------------------

OVERVIEW

A security vulnerability has been found that might cause memory to be
eaten up due to malformed headers on incoming messages.


DETAIL

Fix for a security vulnerability that could allow a possible DOS due to
bad headers in incoming messages.
http://lists.gnome.org/archives/gnome-announce-list/2002-May/msg00020.html



SOLUTION

It is recommended that all Gentoo Linux users who are running evolution
update their systems as follows.

emerge --clean rsync
emerge evolution
emerge clean

- ------------------------------------------------------------------------
spider@g.o
seemant@g.o
drobbins@g.o
- ------------------------------------------------------------------------