lp:ubuntu/feisty-updates/evolution

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

58. By Jamie Strandboge on 2008-06-05

* SECURITY UPDATE: buffer overflow via timezone data in crafted ical
  attachments
* debian/patches/99_01_CVE-2008-1108.patch: adjust
  calendar/gui/e-itip-control.c to use a GString rather than a fixed-size
  buffer to build the HTML string to avoid the possibility of an overflow.
* SECURITY UPDATE: heap-based overflow via crafted ical attachments with
  long DESCRIPTION
* debian/patches/99_02_CVE-2008-1109.patch: adjust calendar/gui/itip-utils.c
  to not use a fixed-size buffer for parsing external data. Simplify the
  logic to just split and rejoin the string with a different line separator.
* SECURITY UPDATE: remotely triggered denial of service
* debian/patches/99_03_bug535459.patch: add sanity checks and don't use
  component when checks fail in plugins/itip-formatter.c, gui/itip-utils.h,
  gui/itip-utils.c, gui/e-itip-control.c
* References
  CVE-2008-1108
  CVE-2008-1109
  http://bugzilla.gnome.org/show_bug.cgi?id=535459

57. By Kees Cook on 2008-03-04

* SECURITY UPDATE: code execution via format string in encrypted emails.
* Add 99_00_encryption_format_string_fix.patch: upstream fixes from
  Srinivasa Ragavan.
* References
  CVE-2008-0072

56. By Sebastien Bacher on 2007-04-10

* debian/patches/90_list_arabic_encoding.patch:
  - change by Martin Jürgens to list arabic encoding (Ubuntu: #82322)
* debian/patches/91_revert_uri_change.patch:
  - revert the change that broke the command line calendar opening
    (Ubuntu: #84554)

55. By Sebastien Bacher on 2007-04-09

* New upstream version
* debian/patches/04_autoreconf.patch:
  - updated
* debian/patches/93_fix_memo_format_string.patch:
  - dropped, fixed with the new version

54. By Kees Cook on 2007-03-22

* SECURITY UPDATE: format string overflow via share memo categories.
* debian/patches/93_fix_memo_format_string.patch: protect category list.
* References
  CVE-2007-1002

53. By Sebastien Bacher on 2007-03-13

* New upstream version:
  - workaround "evolution crashed with SIGSEGV in ect_check()"
    (Ubuntu: #88090)
* debian/control:
  - updated for gtkhtml versionning change
* debian/evolution-2.2.desktop:
  - updated to use non versionned command and icon
* debian/patches/02_icon.patch:
  - dropped, the icon name has changed upstream (Ubuntu: #88439)
* debian/patches/04_autoreconf.patch:
  - updated

52. By Sebastien Bacher on 2007-02-27

* New upstream version:
  - Fix "Evolution should use GtkAboutDialog" (Ubuntu: #3226)
  - Fix "Random contact gets selected after deleting a contact"
    (Ubuntu: #24924)
  - Fix "evolution message send options error" (Ubuntu: #84834)
* debian/evolution-common.install:
  - updated list of files to install
* debian/patches/04_autoreconf.patch:
  - new upstream version

51. By Sebastien Bacher on 2007-02-18

* debian/control:
  - use Desktop Team for Maintainer
* debian/evolution-alarm-notify.desktop
  - use "OnlyShowIn=GNOME;" (Ubuntu: #85834)

50. By Sebastien Bacher on 2007-02-12

* New upstream version
* debian/control:
  - require the new evolution-data-server
* debian/patches/04_autoreconf.patch:
  - updated

49. By Sebastien Bacher on 2007-01-23

* New upstream version
* debian/control:
  - updated the GTK requirement for GtkPrint
  - updated the evolution-plugins package description
    to list the new imap-features plugin
* debian/evolution-plugins.install:
  - list the new imap-features plugin
* debian/patches/04_autoreconf.patch:
  - updated