Comment 16 for bug 11887

tag 290291 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 25 Jan 2005 17:49:41 +0100
Source: evolution
Binary: evolution-dev evolution
Architecture: source i386
Version: 2.0.3-1.2
Distribution: unstable
Urgency: high
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Jordi Mallach <email address hidden>
Description:
 evolution - The groupware suite
 evolution-dev - Development library files for Evolution
Closes: 290291
Changes:
 evolution (2.0.3-1.2) unstable; urgency=HIGH
 .
   * Non-maintainer upload to fix SECURITY issues.
   * debian/patches/CAN-2005-0102.patch:
     - camel/camel-lock-helper.c: malloc()'ing supplied path length + 1 allowed
       an integer overflow and malloc()ation of a 0-byte buffer, which was then
       filled by an arbitrary amount of user-supplied data. Now restrict
       the length of the supplied path to at most 0xFFFF characters (patch
       taken from Ubuntu USN-69-1, thanks pitti!).
   * debian/patches/mail-preserve-auth-conf.patch: patch from Ximian Bugzilla
     to fix the skipping of the needauth setting (closes: #290291).
   * debian/rules: add DEB_FIXPERMS_EXCLUDE for camel-lock-helper.
   * debian/evolution.postinst: removed, chmod/chgrp handled by make install
     (this changes camel-lock-help from suid root to sgid mail).
Files:
 2a78ec8d55fba55463da3edc84b0437d 1141 gnome optional evolution_2.0.3-1.2.dsc
 7e8f066dad44529a92e6b7e036e0a450 265925 gnome optional evolution_2.0.3-1.2.diff.gz
 53737df6e9812366dac110e948796ecc 10209014 gnome optional evolution_2.0.3-1.2_i386.deb
 09a1e0db1d45b6266357eb5cfa85d89b 159108 devel optional evolution-dev_2.0.3-1.2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB9r5+JYSUupF6Il4RAi4jAJ4+6eHMQsS/aBNn6m3XqZyiN5nCGwCgh7YT
uuzouQiLVfMbcU/cDScQMno=
=qqCB
-----END PGP SIGNATURE-----