Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2007.0332 -- [UNIX/Linux][RedHat]
Moderate: evolution security update
31 May 2007
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: evolution
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 3
UNIX variants (UNIX, Linux, OSX)
Impact: Access Privileged Data
Access: Remote/Unauthenticated
CVE Names: CVE-2007-1558
Original Bulletin: https://rhn.redhat.com/errata/RHSA-2007-0344.html
https://rhn.redhat.com/errata/RHSA-2007-0353.html
Comment: This advisory references vulnerabilities in products which run on
platforms other than Red Hat. It is recommended that
administrators running evolution check for an updated version of
the software for their operating system.
Revision History: May 31 2007: Included a second advisory for RHE
version 5.
May 18 2007: Initial Release
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Moderate: evolution-data-server security update
Advisory ID: RHSA-2007:0344-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0344.html
Issue date: 2007-05-30
Updated on: 2007-05-30
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-1558
- - ---------------------------------------------------------------------
1. Summary:
Updated evolution-data-server package that fixes a security bug are now
available for Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
3. Problem description:
The evolution-data-server package provides a unified backend for programs
that work with contacts, tasks, and calendar information.
A flaw was found in the way evolution-data-server processed certain APOP
authentication requests. By sending certain responses when
evolution-data-server attempted to authenticate against an APOP server, a
remote attacker could potentially acquire certain portions of a user's
authentication credentials. (CVE-2007-1558)
All users of evolution-data-server should upgrade to these updated
packages, which contain a backported patch which resolves this issue.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
5. Bug IDs fixed (http://bugzilla.redhat.com/):
235289 - CVE-2007-1558 Evolution APOP information disclosure
6. RPMs required:
Red Hat Enterprise Linux Desktop (v. 5 client):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm
2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm
i386:
12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm
f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm
x86_64:
12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm
e9049a57a4a46768187c942d09ed18e1 evolution-data-server-1.8.0-15.0.3.el5.x86_64.rpm
f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm
7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm
2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm
i386:
f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm
85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm
x86_64:
f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm
7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm
85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm
89bff966c9bec550c442038a2028135c evolution-data-server-devel-1.8.0-15.0.3.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm
2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm
i386:
12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm
f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm
85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm
ia64:
6ba76e70eb9826231d246797ab6b21c7 evolution-data-server-1.8.0-15.0.3.el5.ia64.rpm
da4300ef017ecd2c01853894b47b2e6b evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ia64.rpm
2662f80f6af03a05e2d064b2ace99c24 evolution-data-server-devel-1.8.0-15.0.3.el5.ia64.rpm
ppc:
4539079a11bca9401812c12d59ceb6e1 evolution-data-server-1.8.0-15.0.3.el5.ppc.rpm
77b4f4f8897286bc0d10d51e32838572 evolution-data-server-1.8.0-15.0.3.el5.ppc64.rpm
4b37d2c9d8512fda671864484d550833 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ppc.rpm
28cb1a7aad5d3be6adfe3e09009ddbb5 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ppc64.rpm
179b33eab82f94e18069641ae5c252aa evolution-data-server-devel-1.8.0-15.0.3.el5.ppc.rpm
54367c5a72247c9acc6663e164fe8839 evolution-data-server-devel-1.8.0-15.0.3.el5.ppc64.rpm
s390x:
e845ec48cdc8df471d5d114a93e21344 evolution-data-server-1.8.0-15.0.3.el5.s390.rpm
c0c440eb4ed5dd2d930434a3a92a8461 evolution-data-server-1.8.0-15.0.3.el5.s390x.rpm
1c4626a99ac75f4b68598e1c2c324b6a evolution-data-server-debuginfo-1.8.0-15.0.3.el5.s390.rpm
e47ff2ee3fc82654354792db8cd458b1 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.s390x.rpm
8d834b7fe2e3c55da02516402f5b5970 evolution-data-server-devel-1.8.0-15.0.3.el5.s390.rpm
88b102e274ed7c5eac65147b3922b567 evolution-data-server-devel-1.8.0-15.0.3.el5.s390x.rpm
x86_64:
12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm
e9049a57a4a46768187c942d09ed18e1 evolution-data-server-1.8.0-15.0.3.el5.x86_64.rpm
f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm
7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm
85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm
89bff966c9bec550c442038a2028135c evolution-data-server-devel-1.8.0-15.0.3.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
http://www.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFGXUdIXlSAg2UNWIIRAnrDAJ9mWzvojb4apawWjXjflZqJmBn8mgCguT4t
VnsUfW5asZrgUagXxmgkENc=
=ZOfG
- -----END PGP SIGNATURE-----
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Moderate: evolution security update
Advisory ID: RHSA-2007:0353-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0353.html
Issue date: 2007-05-17
Updated on: 2007-05-17
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-1558
- - ---------------------------------------------------------------------
1. Summary:
Updated evolution packages that fix a security bug are now available for
Red Hat Enterprise Linux 3 and 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Problem description:
Evolution is the GNOME collection of personal information management (PIM)
tools.
A flaw was found in the way Evolution processed certain APOP authentication
requests. A remote attacker could potentially acquire certain portions of a
user's authentication credentials by sending certain responses when
evolution-data-server attempted to authenticate against an APOP server.
(CVE-2007-1558)
All users of Evolution should upgrade to these updated packages, which
contain a backported patch which resolves this issue.
4. Solution:
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
5. Bug IDs fixed (http://bugzilla.redhat.com/):
238565 - CVE-2007-1558 Evolution APOP information disclosure
6. RPMs required:
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm
c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm
i386:
65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm
b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm
934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm
ia64:
ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm
e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm
781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm
ppc:
3ee9a25add5a42bf89e93a63ac3d91ef evolution-1.4.5-20.el3.ppc.rpm
7587d60586a60cb60afe27a07c436ad9 evolution-debuginfo-1.4.5-20.el3.ppc.rpm
a17552a71ca70e285a129fc6c9e42d91 evolution-devel-1.4.5-20.el3.ppc.rpm
s390:
a95aab39409afe560a9d01d867d2a658 evolution-1.4.5-20.el3.s390.rpm
bf061e59d63b1a725dafd0e3626a006a evolution-debuginfo-1.4.5-20.el3.s390.rpm
8cc741d3a5dfd223c085cd95dc16c8b6 evolution-devel-1.4.5-20.el3.s390.rpm
s390x:
85cc84a449a757874ce6f2c8a4b638cb evolution-1.4.5-20.el3.s390x.rpm
91a0deb5ca3fbbd7c8738a9f4d1fc3cf evolution-debuginfo-1.4.5-20.el3.s390x.rpm
a5d24149a144f570540506ed060f3d02 evolution-devel-1.4.5-20.el3.s390x.rpm
x86_64:
da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm
58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm
c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm
c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm
i386:
65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm
b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm
934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm
x86_64:
da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm
58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm
c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm
c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm
i386:
65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm
b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm
934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm
ia64:
ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm
e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm
781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm
x86_64:
da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm
58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm
c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm
c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm
i386:
65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm
b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm
934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm
ia64:
ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm
e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm
781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm
x86_64:
da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm
58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm
c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm
Red Hat Enterprise Linux AS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm
886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm
i386:
21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm
8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm
839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm
ia64:
7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm
5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm
f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm
ppc:
41279cc52d1f8bf006137019bdeec115 evolution-2.0.2-35.0.2.el4.ppc.rpm
bf3972bed4b6ebb695012d1e80942df3 evolution-debuginfo-2.0.2-35.0.2.el4.ppc.rpm
0fa38e81f331db0f6d22f62167714413 evolution-devel-2.0.2-35.0.2.el4.ppc.rpm
s390:
93fad9c3c62573cf366bcda9805b9c8d evolution-2.0.2-35.0.2.el4.s390.rpm
1533b1f9e19170581d4aa41646c02178 evolution-debuginfo-2.0.2-35.0.2.el4.s390.rpm
7905d268cfbbca40893cb1480c130b81 evolution-devel-2.0.2-35.0.2.el4.s390.rpm
s390x:
4df2d5c1eeeadbd21a2ffdd69f66f91c evolution-2.0.2-35.0.2.el4.s390x.rpm
90e17288a99cb57b52261f5b3c80f950 evolution-debuginfo-2.0.2-35.0.2.el4.s390x.rpm
abb56c486d2112fce800d612263586e0 evolution-devel-2.0.2-35.0.2.el4.s390x.rpm
x86_64:
7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm
489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm
4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm
886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm
i386:
21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm
8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm
839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm
x86_64:
7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm
489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm
4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm
886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm
i386:
21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm
8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm
839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm
ia64:
7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm
5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm
f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm
x86_64:
7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm
489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm
4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm
886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm
i386:
21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm
8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm
839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm
ia64:
7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm
5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm
f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm
x86_64:
7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm
489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm
4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
http://www.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/
Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFGTGrKXlSAg2UNWIIRAqUxAKCOs8EDnpP84DSmjcoBuCHRLStx4QCggP04
ac+P0AERa1bBLmmr54glUvs=
=bqxI
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRl4G9Sh9+71yA2DNAQL6CAQAjmxZUt+1DeQr8LaZrjJJwUTaO+uAScZ5
UX02dRkaz6Bm+Rnn09+Iv4OBrUyd+iS12YuYpIwkxPUt5vszESsgn8AobsuBKQ2w
6y1+e47ZjLjyFy4kkPVE8PQMn94Sj734zVloKnLHb9oFo+SJQ9p6IcPxC6m0N4zp
6zaHabB5Q3c=
=jwMP
-----END PGP SIGNATURE-----