Rapid7 Vulnerability & Exploit Database

RHSA-2003:108: Updated Evolution packages fix multiple vulnerabilities

Back to Search

RHSA-2003:108: Updated Evolution packages fix multiple vulnerabilities

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
03/24/2003
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Updated Evolution packages are available which fix several vulnerabilities. [Updated 22 March 2003] New packages are included for Red Hat Linux 7.3 as the previous erratum packages lost support for SSL. [Updated 31 March 2003] New packages included for Red Hat Linux 9.

Evolution is a GNOME-based collection of personal information management (PIM) tools. Multiple vulnerabilities have been found in the Ximian Evolution email client. These vulnerabilities make it possible for a carefully crafted email to crash the program, cause general system instability through resource starvation, and get around security measures implemented within the program. Users of Evolution are advised to upgrade to these erratum packages. For Red Hat Linux 7.3, these packages update Evolution to version 1.0.8 with patches to correct these vulnerabilities. For Red Hat Linux 8.0, these packages contain backported security fixes which correct these vulnerabilities.

Solution(s)

  • redhat-upgrade-evolution
  • redhat-upgrade-gal
  • redhat-upgrade-gal-devel
  • redhat-upgrade-libgal19

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;