Your message dated Wed, 22 Aug 2007 07:57:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#429876: fixed in evolution 2.0.4-2sarge2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: evolution-data-server
Version: 1.10.2-1
Severity: grave
Tags: security
E-D-S 2.11.4 has just been released with a fix for
http://bugs.gnome.org/447414 , which is a remotely-exploitable negative
array index. I found this out by reading Philip Van Hoof's blog[0]. A
backport to GNOME's 2.18 branch is either present or in progress; I
can't tell from the bug report.
[0] http://pvanhoof.be/blog/index.php/2007/06/19/todays-new-evolution-release
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.22-rc5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages evolution-data-server depends on:
ii evolutio 1.10.2-1 architecture independent files for
ii libbonob 2.18.0-2 Bonobo CORBA interfaces library
ii libc6 2.5-11 GNU C Library: Shared libraries
ii libcamel 1.10.2-1 The Evolution MIME message handlin
ii libcomer 1.39+1.40-WIP-2007.04.07+dfsg-2 common error description library
ii libdb4.4 4.4.20-8 Berkeley v4.4 Database Libraries [
ii libebook 1.10.2-1 Client library for evolution addre
ii libecal1 1.10.2-1 Client library for evolution calen
ii libedata 1.10.2-1 Backend library for evolution addr
ii libedata 1.10.2-1 Backend library for evolution cale
ii libedata 1.10.2-1 Utility library for evolution data
ii libegrou 1.10.2-1 Client library for accessing group
ii libgconf 2.18.0.1-3 GNOME configuration database syste
ii libglib2 2.12.12-1 The GLib library of C routines
ii libgnome 2.18.0-4 The GNOME 2 library - runtime file
ii libgnome 1:2.18.1-2 GNOME Virtual File System (runtime
ii libgnutl 1.6.3-1 the GNU TLS library - runtime libr
ii libkrb53 1.6.dfsg.1-4 MIT Kerberos runtime libraries
ii libldap2 2.1.30-13.4 OpenLDAP libraries
ii libnspr4 4.6.6-3 NetScape Portable Runtime Library
ii libnss3- 3.11.5-3+b1 Network Security Service libraries
ii liborbit 1:2.14.7-0.1 libraries for ORBit2 - a CORBA ORB
ii libpopt0 1.10-3 lib for parsing cmdline parameters
ii libsoup2 2.2.100-1 an HTTP library implementation in
ii libxml2 2.6.29.dfsg-1 GNOME XML library
ii zlib1g 1:1.2.3-15 compression library - runtime
evolution-data-server recommends no packages.
-- no debconf information
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 713 440 7475 | http://crustytoothpaste.ath.cx/~bmc | My opinion only
Screw you, AACS LA: 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
OpenPGP: RSA v4 4096b 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: evolution
Source-Version: 2.0.4-2sarge2
We believe that the bug you reported is fixed in the latest version of
evolution, which is due to be installed in the Debian FTP archive:
evolution-dev_2.0.4-2sarge2_i386.deb
to pool/main/e/evolution/evolution-dev_2.0.4-2sarge2_i386.deb
evolution_2.0.4-2sarge2.diff.gz
to pool/main/e/evolution/evolution_2.0.4-2sarge2.diff.gz
evolution_2.0.4-2sarge2.dsc
to pool/main/e/evolution/evolution_2.0.4-2sarge2.dsc
evolution_2.0.4-2sarge2_i386.deb
to pool/main/e/evolution/evolution_2.0.4-2sarge2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Loic Minier <[EMAIL PROTECTED]> (supplier of updated evolution package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 21 Jun 2007 18:17:08 +0200
Source: evolution
Binary: evolution-dev evolution
Architecture: source i386
Version: 2.0.4-2sarge2
Distribution: oldstable-security
Urgency: high
Maintainer: Takuo KITAME <[EMAIL PROTECTED]>
Changed-By: Loic Minier <[EMAIL PROTECTED]>
Description:
evolution - The groupware suite
evolution-dev - Development library files for Evolution
Closes: 429876
Changes:
evolution (2.0.4-2sarge2) oldstable-security; urgency=high
.
* SECURITY: New patch, z_10_imap-negative-array-index, fixes potential
negative array index usage in IMAP code (remote); FEDORA-2007-0464;
GNOME #447414; closes: #429876.
Files:
099060ef401e9bd005ecce322b2b1905 1167 gnome optional
evolution_2.0.4-2sarge2.dsc
a0eecfdbfba9f098d200c6add4a27707 293848 gnome optional
evolution_2.0.4-2sarge2.diff.gz
a4afa05be3fd2916e18e8633e1a409c7 10232410 gnome optional
evolution_2.0.4-2sarge2_i386.deb
2abbd56ddb2e6fbea4db658bbec5f7f0 160362 devel optional
evolution-dev_2.0.4-2sarge2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFGgWoWXm3vHE4uyloRAqflAKDS4xjrIR2pGZwib09AKDVpqORh6gCg4nvn
AWxcza34RbTqeDa7ZmT+PRE=
=46A3
-----END PGP SIGNATURE-----
--- End Message ---
