Message-ID: <email address hidden> Date: Mon, 10 Oct 2005 10:52:12 +0200 From: =?iso-8859-1?Q?Lo=EFc?= Minier <email address hidden> To: <email address hidden> Subject: Re: Fixed in NMU of evolution 2.0.3-1.2
Version: 2.0.3-1.2
Hi,
The NMU below was never acknowledged but was merged and I'm closing this bug:
On mar, jan 25, 2005, Jordi Mallach wrote: > tag 290291 + fixed >=20 > quit >=20 > This message was generated automatically in response to a > non-maintainer upload. The .changes file follows. >=20 > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 > Format: 1.7 > Date: Tue, 25 Jan 2005 17:49:41 +0100 > Source: evolution > Binary: evolution-dev evolution > Architecture: source i386 > Version: 2.0.3-1.2 > Distribution: unstable > Urgency: high > Maintainer: Takuo KITAME <email address hidden> > Changed-By: Jordi Mallach <email address hidden> > Description:=20 > evolution - The groupware suite > evolution-dev - Development library files for Evolution > Closes: 290291 > Changes:=20 > evolution (2.0.3-1.2) unstable; urgency=3DHIGH > . > * Non-maintainer upload to fix SECURITY issues. > * debian/patches/CAN-2005-0102.patch: > - camel/camel-lock-helper.c: malloc()'ing supplied path length + 1= allowed > an integer overflow and malloc()ation of a 0-byte buffer, which = was then > filled by an arbitrary amount of user-supplied data. Now restric= t > the length of the supplied path to at most 0xFFFF characters (pa= tch > taken from Ubuntu USN-69-1, thanks pitti!). > * debian/patches/mail-preserve-auth-conf.patch: patch from Ximian Bu= gzilla > to fix the skipping of the needauth setting (closes: #290291). > * debian/rules: add DEB_FIXPERMS_EXCLUDE for camel-lock-helper. > * debian/evolution.postinst: removed, chmod/chgrp handled by make in= stall > (this changes camel-lock-help from suid root to sgid mail). > Files:=20 > 2a78ec8d55fba55463da3edc84b0437d 1141 gnome optional evolution_2.0.3-1= .2.dsc > 7e8f066dad44529a92e6b7e036e0a450 265925 gnome optional evolution_2.0.3= -1.2.diff.gz > 53737df6e9812366dac110e948796ecc 10209014 gnome optional evolution_2.0= .3-1.2_i386.deb > 09a1e0db1d45b6266357eb5cfa85d89b 159108 devel optional evolution-dev_2= .0.3-1.2_i386.deb >=20 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.5 (GNU/Linux) >=20 > iD8DBQFB9r5+JYSUupF6Il4RAi4jAJ4+6eHMQsS/aBNn6m3XqZyiN5nCGwCgh7YT > uuzouQiLVfMbcU/cDScQMno=3D > =3DqqCB > -----END PGP SIGNATURE----- >=20 >=20 >=20 Cheers,
Cheers,
--=20 Lo=EFc Minier <email address hidden>
Message-ID: <email address hidden> 1?Q?Lo= EFc?= Minier <email address hidden>
Date: Mon, 10 Oct 2005 10:52:12 +0200
From: =?iso-8859-
To: <email address hidden>
Subject: Re: Fixed in NMU of evolution 2.0.3-1.2
Version: 2.0.3-1.2
Hi,
The NMU below was never acknowledged but was merged and I'm closing
this bug:
On mar, jan 25, 2005, Jordi Mallach wrote: patches/ CAN-2005- 0102.patch: lock-helper. c: malloc()'ing supplied path length + 1= patches/ mail-preserve- auth-conf. patch: patch from Ximian Bu= EXCLUDE for camel-lock-helper. evolution. postinst: removed, chmod/chgrp handled by make in= 463da3edc84b043 7d 1141 gnome optional evolution_2.0.3-1= a92e6b7e036e0a4 50 265925 gnome optional evolution_2.0.3= 6dac110e948796e cc 10209014 gnome optional evolution_2.0= 66357eb5cfa85d8 9b 159108 devel optional evolution-dev_2= JYSUupF6Il4RAi4 jAJ4+6eHMQsS/ aBNn6m3XqZyiN5n CGwCgh7YT cDScQMno= 3D
> tag 290291 + fixed
>=20
> quit
>=20
> This message was generated automatically in response to a
> non-maintainer upload. The .changes file follows.
>=20
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>=20
> Format: 1.7
> Date: Tue, 25 Jan 2005 17:49:41 +0100
> Source: evolution
> Binary: evolution-dev evolution
> Architecture: source i386
> Version: 2.0.3-1.2
> Distribution: unstable
> Urgency: high
> Maintainer: Takuo KITAME <email address hidden>
> Changed-By: Jordi Mallach <email address hidden>
> Description:=20
> evolution - The groupware suite
> evolution-dev - Development library files for Evolution
> Closes: 290291
> Changes:=20
> evolution (2.0.3-1.2) unstable; urgency=3DHIGH
> .
> * Non-maintainer upload to fix SECURITY issues.
> * debian/
> - camel/camel-
allowed
> an integer overflow and malloc()ation of a 0-byte buffer, which =
was then
> filled by an arbitrary amount of user-supplied data. Now restric=
t
> the length of the supplied path to at most 0xFFFF characters (pa=
tch
> taken from Ubuntu USN-69-1, thanks pitti!).
> * debian/
gzilla
> to fix the skipping of the needauth setting (closes: #290291).
> * debian/rules: add DEB_FIXPERMS_
> * debian/
stall
> (this changes camel-lock-help from suid root to sgid mail).
> Files:=20
> 2a78ec8d55fba55
.2.dsc
> 7e8f066dad44529
-1.2.diff.gz
> 53737df6e981236
.3-1.2_i386.deb
> 09a1e0db1d45b62
.0.3-1.2_i386.deb
>=20
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.5 (GNU/Linux)
>=20
> iD8DBQFB9r5+
> uuzouQiLVfMbcU/
> =3DqqCB
> -----END PGP SIGNATURE-----
>=20
>=20
>=20
Cheers,
--=20
Lo=EFc Minier <email address hidden>