Ubuntu
evolution package

Evolution SIGSEGV when accepting VCS/ICS calendar attachment

Bug #704846 reported by mio75
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
evolution (Ubuntu)
Invalid
Low
Unassigned

Bug Description

Binary package hint: evolution

(The following description is a copy of what I wrote in Bug #683705. Opening this new bug report because I was asked to provide information from Apport. See bug #683705 for attachments.)

Received an Email with an event invitation from an apple user (iCal). Clicked on "Accept" button below the email. Evolution immediately crashes.

Stripped down the attachment (removed additional recipients/real email addresses), attaching file "test_ical.ics". I can reproduce the SIGSEGV 100% of the times by just sending myself this file as an email attachment, then clicking "Accept".

Marking this a "security vulnerability" because people can send me emails that crash my software. Not sure if they could do anything more harmful.

ProblemType: Crash
DistroRelease: Ubuntu 10.04
Package: evolution 2.28.3-0ubuntu10.2
ProcVersionSignature: Ubuntu 2.6.32-27.49-generic 2.6.32.26+drm33.12
Uname: Linux 2.6.32-27-generic i686
NonfreeKernelModules: wl nvidia
Architecture: i386
Date: Wed Jan 19 12:01:24 2011
EcryptfsInUse: Yes
ExecutablePath: /usr/bin/evolution
InstallationMedia: Ubuntu 10.04.1 LTS "Lucid Lynx" - Release i386 (20100816.1)
ProcCmdline: evolution
ProcEnviron:
 SHELL=/bin/bash
 PATH=(custom, user)
 LANGUAGE=en
 LANG=de_DE.utf8
SegvAnalysis:
 Segfault happened at: 0x66da6b6: mov 0x10(%edi),%eax
 PC (0x066da6b6) ok
 source "0x10(%edi)" (0x00000010) not located in a known VMA region (needed readable region)!
 destination "%eax" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: evolution
StacktraceTop:
 ?? ()
 itip_send_comp ()
 ?? ()
 g_cclosure_marshal_VOID(int0_t) ()
 g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
Title: evolution crashed with SIGSEGV in itip_send_comp()
UserGroups: adm admin avahi cdrom dialout kvm libvirtd lpadmin plugdev sambashare vboxusers
XsessionErrors:
 (polkit-gnome-authentication-agent-1:2234): GLib-CRITICAL **: g_once_init_leave: assertion `initialization_value != 0' failed
 (gnome-panel:2221): GConf-WARNING **: Directory `/apps/panel/toplevels/bottom_panel_screen1/screen' was not being monitored by GConfClient 0x962db60

See original description
Revision history for this message
mio75 (mio75) wrote :
mio75 (mio75)
description: updated
Revision history for this message
Kees Cook (kees) wrote :

Thanks for getting the Apport details. This looks like "just" a regular crash, so I'm going to make the bug public and unmark it as security so hopefully some evolution developers can get a chance to look at it.

security vulnerability: yes → no
visibility: private → public
Changed in evolution (Ubuntu):
status: New → Confirmed
importance: Undecided → Low
Revision history for this message
Jörg Frings-Fürst (jff-de) wrote :

Bug from 2011. Version not longer supportet.
Change status to Invalid

Changed in evolution (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.