Ubuntu
evolution package

Branches for Dapper

Name Status Last Modified Last Commit
lp:ubuntu/dapper/evolution 2 Mature 2010-02-22 22:41:01 UTC
24. * debian/patches/20_correct_gettext_d...

Author: Sebastien Bacher
Revision Date: 2006-05-20 21:34:13 UTC

* debian/patches/20_correct_gettext_domain.patch:
  - patch by Gary Coady <garycoady@ubuntu.com>
  - use correct gettext domain, fix some strings not translated to the UI
    (Ubuntu: #44081)
lp:ubuntu/dapper-security/evolution 2 Mature 2010-02-22 22:41:12 UTC
27. * SECURITY UPDATE: buffer overflow vi...

Author: Jamie Strandboge
Revision Date: 2008-06-05 07:46:48 UTC

* SECURITY UPDATE: buffer overflow via timezone data in crafted ical
  attachments
* debian/patches/99_01_CVE-2008-1108.patch: adjust
  calendar/gui/e-itip-control.c to use a GString rather than a fixed-size
  buffer to build the HTML string to avoid the possibility of an overflow.
* SECURITY UPDATE: heap-based overflow via crafted ical attachments with
  long DESCRIPTION
* debian/patches/99_02_CVE-2008-1109.patch: adjust calendar/gui/itip-utils.c
  to not use a fixed-size buffer for parsing external data. Simplify the
  logic to just split and rejoin the string with a different line separator.
* SECURITY UPDATE: remotely triggered denial of service
* debian/patches/99_03_bug535459.patch: add sanity checks and don't use
  component when checks fail in plugins/itip-formatter.c, gui/itip-utils.h,
  gui/itip-utils.c, gui/e-itip-control.c
* References
  CVE-2008-1108
  CVE-2008-1109
  http://bugzilla.gnome.org/show_bug.cgi?id=535459
lp:ubuntu/dapper-updates/evolution 2 Mature 2010-02-22 22:41:36 UTC
27. * SECURITY UPDATE: buffer overflow vi...

Author: Jamie Strandboge
Revision Date: 2008-06-05 07:46:48 UTC

* SECURITY UPDATE: buffer overflow via timezone data in crafted ical
  attachments
* debian/patches/99_01_CVE-2008-1108.patch: adjust
  calendar/gui/e-itip-control.c to use a GString rather than a fixed-size
  buffer to build the HTML string to avoid the possibility of an overflow.
* SECURITY UPDATE: heap-based overflow via crafted ical attachments with
  long DESCRIPTION
* debian/patches/99_02_CVE-2008-1109.patch: adjust calendar/gui/itip-utils.c
  to not use a fixed-size buffer for parsing external data. Simplify the
  logic to just split and rejoin the string with a different line separator.
* SECURITY UPDATE: remotely triggered denial of service
* debian/patches/99_03_bug535459.patch: add sanity checks and don't use
  component when checks fail in plugins/itip-formatter.c, gui/itip-utils.h,
  gui/itip-utils.c, gui/e-itip-control.c
* References
  CVE-2008-1108
  CVE-2008-1109
  http://bugzilla.gnome.org/show_bug.cgi?id=535459
13 of 3 results FirstPreviousNextLast