Bug 80334 (CVE-2005-0806)

Summary: VUL-0: CVE-2005-0806: evolution DoS
Product: [Novell Products] SUSE Security Incidents Reporter: Ludwig Nussel <lnussel>
Component: IncidentsAssignee: E-mail List <gnome-bugs>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: All   
Whiteboard: CVE-2005-0806: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Ludwig Nussel 2005-04-25 13:18:14 UTC 
We received the following report via security@suse.de.
The issue is public.

CAN-2005-0806 is not in bugzilla, did we fix that already?

- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-338
2005-04-22
- ---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : evolution
Version     : 2.0.4
Release     : 4
Summary     : GNOME's next-generation groupware suite
Description :
Evolution is the GNOME mailer, calendar, contact manager and
communications tool.  The tools which make up Evolution will
be tightly integrated with one another and act as a seamless
personal information-management tool.

- ---------------------------------------------------------------------

* Fri Apr 22 2005 David Malcolm <dmalcolm@redhat.com> - 2.0.4-4

- - Added the correct patch this time

* Wed Apr 20 2005 David Malcolm <dmalcolm@redhat.com> - 2.0.4-3

- - Added patch for #155378 (CAN-2005-0806)
- - Updated mozilla_build_version from 1.7.6 to 1.7.7


- ---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

d1d9f7e91d2dcabe95b96f17dbc6e955  SRPMS/evolution-2.0.4-4.src.rpm
de9c927756f2e3c416c1e90173d64cac  x86_64/evolution-2.0.4-4.x86_64.rpm
056c4eec55e773f143426867c488352c  x86_64/evolution-devel-2.0.4-4.x86_64.rpm
53767f18bfc52fcac846f1b4f6bde00a  
x86_64/debug/evolution-debuginfo-2.0.4-4.x86_64.rpm
683dad62220397672ef9449dbb77950a  i386/evolution-2.0.4-4.i386.rpm
49a25ecfc03f69b2b218da9a69dc4adb  i386/evolution-devel-2.0.4-4.i386.rpm
b33c58c7f38880d075352bba8e66e7fc  
i386/debug/evolution-debuginfo-2.0.4-4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
Comment 1 Stanislav Brabec 2005-04-25 14:36:07 UTC 
It looks like
fedora (evolution-2.0.4-fix-for-CAN-2005-0806.patch) = suse (272609camel.patch)
+ suse (272609mail.patch).

*** This bug has been marked as a duplicate of 66996 ***
Comment 2 Thomas Biege 2009-10-13 21:18:56 UTC 
CVE-2005-0806: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)