Explore top 10 tips to secure your open-source projects now. Read More
×Several vulnerabilities have been found in evolution-data-server, the
database backend server for the evolution groupware suite. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-0587
It was discovered that evolution-data-server is prone to integer
overflows triggered by large base64 strings.
CVE-2009-0547
Joachim Breitner discovered that S/MIME signatures are not verified
properly, which can lead to spoofing attacks.
CVE-2009-0582
It was discovered that NTLM authentication challenge packets are not
validated properly when using the NTLM authentication method, which
could lead to an information disclosure or a denial of service.
For the oldstable distribution (etch), these problems have been fixed in
version 1.6.3-5etch3.
For the stable distribution (lenny), these problems have been fixed in
version 2.22.3-1.1+lenny2.
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 2.26.1.1-1.
We recommend ...
Get the latest Linux and open source security news straight to your inbox.