Ubuntu
evolution package

Branches for Feisty

Name		Status	Last Modified	Last Commit
lp:ubuntu/feisty/evolution		1 Development	2010-02-22 22:43:06 UTC 2010-02-22	56. * debian/patches/90_list_arabic_encod... Author: Sebastien Bacher Revision Date: 2007-04-10 23:09:02 UTC * debian/patches/90_list_arabic_encoding.patch: - change by Martin Jürgens to list arabic encoding (Ubuntu: #82322) * debian/patches/91_revert_uri_change.patch: - revert the change that broke the command line calendar opening (Ubuntu: #84554)
lp:ubuntu/feisty-security/evolution		1 Development	2010-02-22 22:43:18 UTC 2010-02-22	58. * SECURITY UPDATE: buffer overflow vi... Author: Jamie Strandboge Revision Date: 2008-06-05 07:09:56 UTC * SECURITY UPDATE: buffer overflow via timezone data in crafted ical attachments * debian/patches/99_01_CVE-2008-1108.patch: adjust calendar/gui/e-itip-control.c to use a GString rather than a fixed-size buffer to build the HTML string to avoid the possibility of an overflow. * SECURITY UPDATE: heap-based overflow via crafted ical attachments with long DESCRIPTION * debian/patches/99_02_CVE-2008-1109.patch: adjust calendar/gui/itip-utils.c to not use a fixed-size buffer for parsing external data. Simplify the logic to just split and rejoin the string with a different line separator. * SECURITY UPDATE: remotely triggered denial of service * debian/patches/99_03_bug535459.patch: add sanity checks and don't use component when checks fail in plugins/itip-formatter.c, gui/itip-utils.h, gui/itip-utils.c, gui/e-itip-control.c * References CVE-2008-1108 CVE-2008-1109 http://bugzilla.gnome.org/show_bug.cgi?id=535459
lp:ubuntu/feisty-updates/evolution		1 Development	2010-02-22 22:43:40 UTC 2010-02-22	58. * SECURITY UPDATE: buffer overflow vi... Author: Jamie Strandboge Revision Date: 2008-06-05 07:09:56 UTC * SECURITY UPDATE: buffer overflow via timezone data in crafted ical attachments * debian/patches/99_01_CVE-2008-1108.patch: adjust calendar/gui/e-itip-control.c to use a GString rather than a fixed-size buffer to build the HTML string to avoid the possibility of an overflow. * SECURITY UPDATE: heap-based overflow via crafted ical attachments with long DESCRIPTION * debian/patches/99_02_CVE-2008-1109.patch: adjust calendar/gui/itip-utils.c to not use a fixed-size buffer for parsing external data. Simplify the logic to just split and rejoin the string with a different line separator. * SECURITY UPDATE: remotely triggered denial of service * debian/patches/99_03_bug535459.patch: add sanity checks and don't use component when checks fail in plugins/itip-formatter.c, gui/itip-utils.h, gui/itip-utils.c, gui/e-itip-control.c * References CVE-2008-1108 CVE-2008-1109 http://bugzilla.gnome.org/show_bug.cgi?id=535459