Public bug reported: https://launchpad.net/malone/bugs/36616
Affects: evolution (Ubuntu) Severity: Normal Priority: (none set) Status: Unconfirmed Description: Subject: evolution: Repeated crashing on particular spam, if the preview window is open. Package: evolution Version: 2.4.1-0ubuntu7 Severity: critical Justification: root security hole Whenever that attached spam is attempted to be viewed by evolution, it causes a prompt crash. This spam seems to have quite a few urls in it, and so may be related to http://thread.gmane.org/gmane.comp.security.bugtraq/22265 -- System Information: Debian Release: testing/unstable APT prefers breezy-updates APT policy: (500, 'breezy-updates'), (500, 'breezy-security'), (500, 'breezy') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12-10-amd64-k8 Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Versions of packages evolution depends on: ii evolution-data 1.4.1-0ubuntu3 evolution database backend server ii gconf2 2.12.0-0ubuntu1 GNOME configuration database syste ii gnome-icon-the 2.12.1-0ubuntu1 GNOME Desktop icon theme ii gtkhtml3.8 3.8.1-0ubuntu1 HTML rendering/editing library - b ii libart-2.0-2 2.3.17-1 Library of functions for 2D graphi ii libatk1.0-0 1.10.3-0ubuntu2 The ATK accessibility toolkit ii libaudiofile0 0.2.6-6 Open-source version of SGI's audio ii libbonobo2-0 2.10.1-0ubuntu1 Bonobo CORBA interfaces library ii libbonoboui2-0 2.10.1-0ubuntu2 The Bonobo UI library ii libc6 2.3.5-1ubuntu12.5.10.1 GNU C Library: Shared libraries an ii libcairo2 1.0.2-0ubuntu1.1 The Cairo 2D vector graphics libra ii libcamel1.2-6 1.4.1-0ubuntu3 Generic messaging library for evol ii libcomerr2 1.38-2ubuntu1 common error description library ii libcompfaceg1 1989.11.11-24ubuntu1 Compress/decompress images for mai ii libebook1.2-5 1.4.1-0ubuntu3 Client library for evolution addre ii libecal1.2-3 1.4.1-0ubuntu3 Client library for evolution calen ii libedataserver 1.4.1-0ubuntu3 Utility library for evolution data ii libedataserver 1.4.1-0ubuntu3 Utility library for evolution data ii libesd-alsa0 [ 0.2.36-1ubuntu5 Enlightened Sound Daemon (ALSA) - ii libfontconfig1 2.3.2-1ubuntu4 generic font configuration library ii libfreetype6 2.1.7-2.4ubuntu1 FreeType 2 font engine, shared lib ii libgail-common 1.8.5-0ubuntu2 GNOME Accessibility Implementation ii libgail17 1.8.5-0ubuntu2 GNOME Accessibility Implementation ii libgconf2-4 2.12.0-0ubuntu1 GNOME configuration database syste ii libgcrypt11 1.2.1-3 LGPL Crypto library - runtime libr ii libglade2-0 1:2.5.1-2ubuntu1 library to load .glade files at ru ii libglib2.0-0 2.8.3-0ubuntu1 The GLib library of C routines ii libgnome-keyri 0.4.5-0ubuntu1 GNOME keyring services library ii libgnome-pilot 2.0.13-0ubuntu10 Support libraries for gnome-pilot ii libgnome2-0 2.12.0.1-0ubuntu1 The GNOME 2 library - runtime file ii libgnomecanvas 2.12.0-0ubuntu2 A powerful object-oriented display ii libgnomeprint2 2.12.1-0ubuntu1 The GNOME 2.2 print architecture - ii libgnomeprintu 2.12.1-0ubuntu1 GNOME 2.2 print architecture User ii libgnomeui-0 2.12.0-0ubuntu1 The GNOME 2 libraries (User Interf ii libgnomevfs2-0 2.12.1-0ubuntu2 The GNOME virtual file-system libr ii libgnutls11 1.0.16-13.1ubuntu1.1 GNU TLS library - runtime library ii libgpg-error0 1.0-1 library for common error values an ii libgtk2.0-0 2.8.6-0ubuntu2.1 The GTK+ graphical user interface ii libgtkhtml3.8- 3.8.1-0ubuntu1 HTML rendering/editing library - r ii libice6 1:6.3.5-4 X11 Inter-Client Exchange library ii libjpeg62 6b-10 The Independent JPEG Group's JPEG ii libkrb53 1.3.6-4 MIT Kerberos runtime libraries ii liblaunchpad-i 0.0patch26+mvo20-0ubuntu2 library for launchpad integration ii libldap2 2.1.30-12 OpenLDAP libraries ii liblpint-bonob 0.0patch26+mvo20-0ubuntu2 library for launchpad integration ii libnspr4 2:1.7.12-1ubuntu1 Netscape Portable Runtime Library ii libnss3 2:1.7.12-1ubuntu1 Network Security Service Libraries ii liborbit2 1:2.12.4-0ubuntu1 libraries for ORBit2 - a CORBA ORB ii libpango1.0-0 1.10.1-0ubuntu1 Layout and rendering of internatio ii libpisock8 0.11.8-10ubuntu3 Library for communicating with a P ii libpisync0 0.11.8-10ubuntu3 Synchronization library for PalmOS ii libpng12-0 1.2.8rel-1ubuntu3 PNG library - runtime ii libpopt0 1.7-5 lib for parsing cmdline parameters ii libsm6 1:6.0.4-4 X11 Session Management library ii libsoup2.2-8 2.2.6.1-0ubuntu1 an HTTP library implementation in ii libtasn1-2 0.2.10-4ubuntu0.1 Manage ASN.1 structures (runtime) ii libx11-6 1:6.2.1+cvs.20050722-8 X11 client-side library ii libxcursor1 1.1.4-0ubuntu5 X cursor management library ii libxext6 1:6.4.3-3 X11 miscellaneous extension librar ii libxfixes3 1:3.0.0-3 X11 miscellaneous 'fixes' extensio ii libxi6 1:1.3.0-2 X11 Input extension library ii libxinerama1 1:1.1.0+cvs.20050821-1 X11 Xinerama extension library ii libxml2 2.6.21-0ubuntu1 GNOME XML library ii libxrandr2 1:1.0.2-2 X11 RandR extension library ii libxrender1 1:0.9.0-1 X Rendering Extension client libra ii zlib1g 1:1.2.3-3ubuntu4 compression library - runtime Versions of packages evolution recommends: ii evolution-plugins 2.4.1-0ubuntu7 All bundled plugins for Evolution ii gnome-desktop-data 2.12.1-0ubuntu1 Common files for GNOME 2 desktop a ii gnome-pilot-conduits 2.0.13-0ubuntu2 conduits for gnome-pilot pn mozilla-psm <none> (no description available) ii spamassassin 3.0.4-2 Perl-based spam filter using text -- no debconf information -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs