Gentoo Archives: gentoo-announce

From: Pierre-Yves Rofes <py@g.o>
To: gentoo-announce@l.g.o
Cc: full-disclosure@××××××××××××××.uk, bugtraq@×××××××××××××.com, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200711-04 ] Evolution: User-assisted remote execution of arbitrary code
Date: Tue, 06 Nov 2007 22:00:20
Message-Id: 4730DFD2.7080007@gentoo.org
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5 Gentoo Linux Security Advisory GLSA 200711-04
6 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7 http://security.gentoo.org/
8 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10 Severity: Normal
11 Title: Evolution: User-assisted remote execution of arbitrary code
12 Date: November 06, 2007
13 Bugs: #190861
14 ID: 200711-04
15
16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18 Synopsis
19 ========
20
21 The IMAP client of Evolution contains a vulnerability potentially
22 leading to the execution of arbitrary code.
23
24 Background
25 ==========
26
27 Evolution is the mail client of the GNOME desktop environment. Camel is
28 the Evolution Data Server module that handles mail functions.
29
30 Affected packages
31 =================
32
33 -------------------------------------------------------------------
34 Package / Vulnerable / Unaffected
35 -------------------------------------------------------------------
36 1 gnome-extra/evolution-data-server < 1.10.3.1 >= 1.10.3.1
37
38 Description
39 ===========
40
41 The imap_rescan() function of the file camel-imap-folder.c does not
42 properly sanitize the "SEQUENCE" response sent by an IMAP server before
43 being used to index arrays.
44
45 Impact
46 ======
47
48 A malicious or compromised IMAP server could trigger the vulnerability
49 and execute arbitrary code with the permissions of the user running
50 Evolution.
51
52 Workaround
53 ==========
54
55 There is no known workaround at this time.
56
57 Resolution
58 ==========
59
60 Note that this GLSA addresses the same issue as GLSA 200707-03, but for
61 the 1.10 branch of Evolution Data Server.
62
63 All Evolution users should upgrade to the latest version:
64
65 # emerge --sync
66 # emerge -av --oneshot ">=gnome-extra/evolution-data-server-1.10.3.1"
67
68 References
69 ==========
70
71 [ 1 ] GLSA 200707-03
72 http://www.gentoo.org/security/en/glsa/glsa-200707-03.xml
73 [ 2 ] CVE-2007-3257
74 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257
75
76 Availability
77 ============
78
79 This GLSA and any updates to it are available for viewing at
80 the Gentoo Security Website:
81
82 http://security.gentoo.org/glsa/glsa-200711-04.xml
83
84 Concerns?
85 =========
86
87 Security is a primary focus of Gentoo Linux and ensuring the
88 confidentiality and security of our users machines is of utmost
89 importance to us. Any security concerns should be addressed to
90 security@g.o or alternatively, you may file a bug at
91 http://bugs.gentoo.org.
92
93 License
94 =======
95
96 Copyright 2007 Gentoo Foundation, Inc; referenced text
97 belongs to its owner(s).
98
99 The contents of this document are licensed under the
100 Creative Commons - Attribution / Share Alike license.
101
102 http://creativecommons.org/licenses/by-sa/2.5
103 -----BEGIN PGP SIGNATURE-----
104 Version: GnuPG v1.4.7 (GNU/Linux)
105 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
106
107 iD8DBQFHMN/RuhJ+ozIKI5gRAt8wAJ9r22+nPo1l84t3EmAMxhC2btwDywCgioWU
108 ofhChGODu5+OneBld1UnPBk=
109 =uqzD
110 -----END PGP SIGNATURE-----
111 --
112 gentoo-announce@g.o mailing list