Privacy and Legal Notice

CIAC INFORMATION BULLETIN

S-222: Evolution Security Update

[Red Hat RHSA-2008:0177-3]

March 6, 2008 21:00 GMT

PROBLEM:       A format string flaw was found in the way Evolution displayed encrypted mail content.
PLATFORM:      RHEL Desktop Workstation (v. 5 client)
               RHEL Optional Productivity Applications (v. 5 server)
               Red Hat Desktop (v. 4)
               Red Hat Enterprise Linux AS, ES, WS (v. 4)
               Red Hat Enterprise Linux Desktop (v. 5 client)
DAMAGE:        Arbitrary code executed.
SOLUTION:      Upgrade to the appropriate version.

VULNERABILITY ASSESSMENT:
               The risk is MEDIUM. If a user opened a carefully crafted mail message, arbitrary code could be executed as the user running Evolution.
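The bug class named in the assessment above, as an added illustration (not Evolution's code or Red Hat's patch): a hypothetical printf-style status renderer, the call that puts the decryption backend's message in the format position, and the corrected call that passes it through "%s" so a '%' in mail content is copied literally. All function names and the sample message are assumptions.

```c
/* Added example, not Evolution or Red Hat code: the format-string bug class
 * behind CVE-2008-0072 in a hypothetical mail viewer. The status text for an
 * encrypted part comes from the decryption backend and may echo bytes chosen
 * by the sender of the message, so it must never be used as the format. */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style renderer: its first string is a format. */
static int render_status(char *out, size_t outsz, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outsz, fmt, ap);
    va_end(ap);
    return n;
}

/* BEFORE: the backend message sits where the format belongs, so any '%'
 * in it is parsed as a directive (undefined behaviour; never called here). */
static int show_decrypt_error_vulnerable(char *out, size_t n, const char *msg)
{
    return render_status(out, n, msg);
}

/* AFTER: constant format, untrusted text passed as a %s argument. */
static int show_decrypt_error_fixed(char *out, size_t n, const char *msg)
{
    return render_status(out, n, "Could not decrypt: %s", msg);
}

/* Audit helper for tests around such call sites: would vsnprintf treat
 * anything in s as a directive? "%%" is a literal percent and is ignored. */
static int has_format_directive(const char *s)
{
    for (; *s; s++)
        if (*s == '%' && *++s != '%') return 1;
    return 0;
}

int main(void)
{
    const char *msg = "bad passphrase for key 0x%08x"; /* constructed sample */
    char out[256];
    show_decrypt_error_fixed(out, sizeof out, msg);
    printf("%s\n", out);  /* "%08x" is copied verbatim, never expanded */
    printf("unsafe as a format: %d\n", has_format_directive(msg));
    return 0;
}
```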

LINKS:
  CIAC BULLETIN:     http://www.ciac.org/ciac/bulletins/s-222.shtml
  ORIGINAL BULLETIN: https://rhn.redhat.com/errata/RHSA-2008-0177.html
  ADDITIONAL LINKS:  http://www.debian.org/security/2008/dsa-1512
                     http://www.securityfocus.com/bid/28102/discuss
  CVE:               CVE-2008-0072

[***** Start Red Hat RHSA-2008:0177-3 *****]


Critical: evolution security update

Advisory: RHSA-2008:0177-3
Type: Security Advisory
Severity: Critical
Issued on: 2008-03-05
Last updated on: 2008-03-05
Affected Products: RHEL Desktop Workstation (v. 5 client)
                   RHEL Optional Productivity Applications (v. 5 server)
                   Red Hat Desktop (v. 4)
                   Red Hat Enterprise Linux AS (v. 4)
                   Red Hat Enterprise Linux Desktop (v. 5 client)
                   Red Hat Enterprise Linux ES (v. 4)
                   Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20080177.xml
CVEs (cve.mitre.org): CVE-2008-0072

Details

Updated evolution packages that fix a format string bug are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Evolution is the GNOME collection of personal information management (PIM)
tools.

A format string flaw was found in the way Evolution displayed encrypted
mail content. If a user opened a carefully crafted mail message, arbitrary
code could be executed as the user running Evolution. (CVE-2008-0072)

All users of Evolution should upgrade to these updated packages, which
contain a backported patch which resolves this issue.

Red Hat would like to thank Ulf Härnhammar of Secunia Research for finding
and reporting this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

IA-32:
evolution-devel-2.8.0-40.el5_1.1.i386.rpm     c36f334a351ec3b819a6fafe3f2b5114
 
x86_64:
evolution-devel-2.8.0-40.el5_1.1.i386.rpm     c36f334a351ec3b819a6fafe3f2b5114
evolution-devel-2.8.0-40.el5_1.1.x86_64.rpm     2ad76ac2c16830ad5ca256426c9d4db0
 
RHEL Optional Productivity Applications (v. 5 server)

SRPMS:
evolution-2.8.0-40.el5_1.1.src.rpm     bc326bab2009ec8dcda36c5b5c29f0e6
 
IA-32:
evolution-2.8.0-40.el5_1.1.i386.rpm     cb5e69d31b9f7e1c29a82cab2b4c744e
evolution-devel-2.8.0-40.el5_1.1.i386.rpm     c36f334a351ec3b819a6fafe3f2b5114
 
x86_64:
evolution-2.8.0-40.el5_1.1.i386.rpm     cb5e69d31b9f7e1c29a82cab2b4c744e
evolution-2.8.0-40.el5_1.1.x86_64.rpm     e3a9da8b1243b72bb4f39b722373c992
evolution-devel-2.8.0-40.el5_1.1.i386.rpm     c36f334a351ec3b819a6fafe3f2b5114
evolution-devel-2.8.0-40.el5_1.1.x86_64.rpm     2ad76ac2c16830ad5ca256426c9d4db0
 
Red Hat Desktop (v. 4)

SRPMS:
evolution-2.0.2-35.0.4.el4_6.1.src.rpm     8da571d7b19109bb269105110a6ba0ca
evolution28-2.8.0-53.el4_6.2.src.rpm     5f34fafdbd5b6ca17f97754e13ec5154
 
IA-32:
evolution-2.0.2-35.0.4.el4_6.1.i386.rpm     c7ed0106d1a42ae54238c97c12c5402a
evolution-devel-2.0.2-35.0.4.el4_6.1.i386.rpm     0be255baffa73c0ae8d4a289b469caf4
evolution28-2.8.0-53.el4_6.2.i386.rpm     2e44e645092ec420b69598c5c2755910
evolution28-devel-2.8.0-53.el4_6.2.i386.rpm     94b58fe2b2c565bc7466d2723f69b432
 
x86_64:
evolution-2.0.2-35.0.4.el4_6.1.x86_64.rpm     eab94ff5dcce3983a60a1d7c95934aec
evolution-devel-2.0.2-35.0.4.el4_6.1.x86_64.rpm     f4d3422304ad05066da7be5b7cd583d8
evolution28-2.8.0-53.el4_6.2.x86_64.rpm     4d3206775ac51b6060da7f7f3b2f54fe
evolution28-devel-2.8.0-53.el4_6.2.x86_64.rpm     819807555f0bd5334f50e2d22cbe459e
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
evolution-2.0.2-35.0.4.el4_6.1.src.rpm     8da571d7b19109bb269105110a6ba0ca
evolution28-2.8.0-53.el4_6.2.src.rpm     5f34fafdbd5b6ca17f97754e13ec5154
 
IA-32:
evolution-2.0.2-35.0.4.el4_6.1.i386.rpm     c7ed0106d1a42ae54238c97c12c5402a
evolution-devel-2.0.2-35.0.4.el4_6.1.i386.rpm     0be255baffa73c0ae8d4a289b469caf4
evolution28-2.8.0-53.el4_6.2.i386.rpm     2e44e645092ec420b69598c5c2755910
evolution28-devel-2.8.0-53.el4_6.2.i386.rpm     94b58fe2b2c565bc7466d2723f69b432
 
IA-64:
evolution-2.0.2-35.0.4.el4_6.1.ia64.rpm     f563be7281e48a244a4a83a4170bccdb
evolution-devel-2.0.2-35.0.4.el4_6.1.ia64.rpm     bf7764874707fa16c31badce4fc5e11b
evolution28-2.8.0-53.el4_6.2.ia64.rpm     0f5f7d91539a596c358aa91f1523e217
evolution28-devel-2.8.0-53.el4_6.2.ia64.rpm     0b6cdf5c12b2f0232d58ac4149775551
 
PPC:
evolution-2.0.2-35.0.4.el4_6.1.ppc.rpm     c50ce393148498d641dcdc3a5affe713
evolution-devel-2.0.2-35.0.4.el4_6.1.ppc.rpm     7c442c85586a71e865f1754688248e86
evolution28-2.8.0-53.el4_6.2.ppc.rpm     9182f3da8b68143181aecc88314d123c
evolution28-devel-2.8.0-53.el4_6.2.ppc.rpm     c13a168ca5153e3b89f2a4ed69f66bdb
 
s390:
evolution-2.0.2-35.0.4.el4_6.1.s390.rpm     293f115f2cacc0966e85c04cacee12a1
evolution-devel-2.0.2-35.0.4.el4_6.1.s390.rpm     f52e03ecfb7651c87fc4bd79948c0fc6
evolution28-2.8.0-53.el4_6.2.s390.rpm     2d9b317f57d42df0e8190d894192db44
evolution28-devel-2.8.0-53.el4_6.2.s390.rpm     c39d8409fb604ee4985481d3818cc53a
 
s390x:
evolution-2.0.2-35.0.4.el4_6.1.s390x.rpm     f02f676b6d969a489e6a9c669119a468
evolution-devel-2.0.2-35.0.4.el4_6.1.s390x.rpm     eab0a02ff63995b36a54086e12df2f30
evolution28-2.8.0-53.el4_6.2.s390x.rpm     2a1391655c37bac7e3394f4711387334
evolution28-devel-2.8.0-53.el4_6.2.s390x.rpm     0441084e367ebf24d9449be5b1579144
 
x86_64:
evolution-2.0.2-35.0.4.el4_6.1.x86_64.rpm     eab94ff5dcce3983a60a1d7c95934aec
evolution-devel-2.0.2-35.0.4.el4_6.1.x86_64.rpm     f4d3422304ad05066da7be5b7cd583d8
evolution28-2.8.0-53.el4_6.2.x86_64.rpm     4d3206775ac51b6060da7f7f3b2f54fe
evolution28-devel-2.8.0-53.el4_6.2.x86_64.rpm     819807555f0bd5334f50e2d22cbe459e
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
evolution-2.8.0-40.el5_1.1.src.rpm     bc326bab2009ec8dcda36c5b5c29f0e6
 
IA-32:
evolution-2.8.0-40.el5_1.1.i386.rpm     cb5e69d31b9f7e1c29a82cab2b4c744e
 
x86_64:
evolution-2.8.0-40.el5_1.1.i386.rpm     cb5e69d31b9f7e1c29a82cab2b4c744e
evolution-2.8.0-40.el5_1.1.x86_64.rpm     e3a9da8b1243b72bb4f39b722373c992
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
evolution-2.0.2-35.0.4.el4_6.1.src.rpm     8da571d7b19109bb269105110a6ba0ca
evolution28-2.8.0-53.el4_6.2.src.rpm     5f34fafdbd5b6ca17f97754e13ec5154
 
IA-32:
evolution-2.0.2-35.0.4.el4_6.1.i386.rpm     c7ed0106d1a42ae54238c97c12c5402a
evolution-devel-2.0.2-35.0.4.el4_6.1.i386.rpm     0be255baffa73c0ae8d4a289b469caf4
evolution28-2.8.0-53.el4_6.2.i386.rpm     2e44e645092ec420b69598c5c2755910
evolution28-devel-2.8.0-53.el4_6.2.i386.rpm     94b58fe2b2c565bc7466d2723f69b432
 
IA-64:
evolution-2.0.2-35.0.4.el4_6.1.ia64.rpm     f563be7281e48a244a4a83a4170bccdb
evolution-devel-2.0.2-35.0.4.el4_6.1.ia64.rpm     bf7764874707fa16c31badce4fc5e11b
evolution28-2.8.0-53.el4_6.2.ia64.rpm     0f5f7d91539a596c358aa91f1523e217
evolution28-devel-2.8.0-53.el4_6.2.ia64.rpm     0b6cdf5c12b2f0232d58ac4149775551
 
x86_64:
evolution-2.0.2-35.0.4.el4_6.1.x86_64.rpm     eab94ff5dcce3983a60a1d7c95934aec
evolution-devel-2.0.2-35.0.4.el4_6.1.x86_64.rpm     f4d3422304ad05066da7be5b7cd583d8
evolution28-2.8.0-53.el4_6.2.x86_64.rpm     4d3206775ac51b6060da7f7f3b2f54fe
evolution28-devel-2.8.0-53.el4_6.2.x86_64.rpm     819807555f0bd5334f50e2d22cbe459e
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
evolution-2.0.2-35.0.4.el4_6.1.src.rpm     8da571d7b19109bb269105110a6ba0ca
evolution28-2.8.0-53.el4_6.2.src.rpm     5f34fafdbd5b6ca17f97754e13ec5154
 
IA-32:
evolution-2.0.2-35.0.4.el4_6.1.i386.rpm     c7ed0106d1a42ae54238c97c12c5402a
evolution-devel-2.0.2-35.0.4.el4_6.1.i386.rpm     0be255baffa73c0ae8d4a289b469caf4
evolution28-2.8.0-53.el4_6.2.i386.rpm     2e44e645092ec420b69598c5c2755910
evolution28-devel-2.8.0-53.el4_6.2.i386.rpm     94b58fe2b2c565bc7466d2723f69b432
 
IA-64:
evolution-2.0.2-35.0.4.el4_6.1.ia64.rpm     f563be7281e48a244a4a83a4170bccdb
evolution-devel-2.0.2-35.0.4.el4_6.1.ia64.rpm     bf7764874707fa16c31badce4fc5e11b
evolution28-2.8.0-53.el4_6.2.ia64.rpm     0f5f7d91539a596c358aa91f1523e217
evolution28-devel-2.8.0-53.el4_6.2.ia64.rpm     0b6cdf5c12b2f0232d58ac4149775551
 
x86_64:
evolution-2.0.2-35.0.4.el4_6.1.x86_64.rpm     eab94ff5dcce3983a60a1d7c95934aec
evolution-devel-2.0.2-35.0.4.el4_6.1.x86_64.rpm     f4d3422304ad05066da7be5b7cd583d8
evolution28-2.8.0-53.el4_6.2.x86_64.rpm     4d3206775ac51b6060da7f7f3b2f54fe
evolution28-devel-2.8.0-53.el4_6.2.x86_64.rpm     819807555f0bd5334f50e2d22cbe459e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

435759 - CVE-2008-0072 Evolution format string flaw


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072
http://www.redhat.com/security/updates/classification/#critical


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/


[***** End Red Hat RHSA-2008:0177-3 *****]


CIAC wishes to acknowledge the contributions of Red Hat for the information contained in this bulletin.
CIAC services are available to DOE, DOE Contractors, and the NIH. CIAC can be contacted at:
    Voice:          +1 925-422-8193 (7 x 24)
    FAX:            +1 925-423-8002
    STU-III:        +1 925-423-2604
    E-mail:          ciac@ciac.org
    World Wide Web:  http://www.ciac.org/
    Anonymous FTP:   ftp.ciac.org

This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor the University of California nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the United States Government or the University of California. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or the University of California, and shall not be used for advertising or product endorsement purposes.
UCRL-MI-119788