Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorysecurity updatebuffer overflow

Scientific Linux: Important Update for Evolution28 iCalendar Security

Important: evolution28 security update. Date: Thu, 5 Jun 2008 15:22:29 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for evolution28 on SL4.6 i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." Synopsis: Important: evolution28 security update Issue date: 2008-06-04 CVE Names: CVE-2008-1108 CVE-2008-1109 A flaw was found in the way Evolution parsed iCalendar timezone attachment data. If the Itip Formatter plug-in was disabled and a user opened a mail with a carefully crafted iCalendar attachment, arbitrary code could be executed as the user running Evolution. (CVE-2008-1108) Note: the Itip Formatter plug-in, which allows calendar information (attachments with a MIME type of "text/calendar") to be displayed as part of the e-mail message, is enabled by default. A heap-based buffer overflow flaw was found in the way Evolution parsed iCalendar attachments with an overly long "DESCRIPTION" property string. If a user responded to a carefully crafted iCalendar attachment in a particular way, arbitrary code could be executed as the user running Evolution. (CVE-2008-1109). SL 4.x SRPMS: evolution28-2.8.0-53.el4_6.3.src.rpm i386: evolution28-2.8.0-53.el4_6.3.i386.rpm evolution28-devel-2.8.0-53.el4_6.3.i386.rpm x86_64: evolution28-2.8.0-53.el4_6.3.x86_64.rpm evolution28-devel-2.8.0-53.el4_6.3.x86_64.rpm -Connie Sieh -Troy Dawson . Important security notice for Scientific Linux: evolution28 addresses vulnerabilities related to buffer overflow and risks of arbitrary code execution.. Scientific Linux, Security Update, evolution28, Buffer Overflow, Code Execution. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 05, 2008 Important Scientific Linux
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatbuffer overflow

Red Hat 4: RHSA-2008:0515-01 Important: Evolution28 Buffer Overflow

Updated evolution28 packages that address two buffer overflow vulnerabilities are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Important: evolution28 security update Advisory ID: RHSA-2008:0515-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2008:0515.html Issue date: 2008-06-04 CVE Names: CVE-2008-1108 CVE-2008-1109 ==================================================================== 1. Summary: Updated evolution28 packages that address two buffer overflow vulnerabilities are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Evolution is the integrated collection of e-mail, calendaring, contact management, communications and personal information management (PIM) tools for the GNOME desktop environment. A flaw was found in the way Evolution parsed iCalendar timezone attachment data. If the Itip Formatter plug-in was disabled and a user opened a mail with a carefully crafted iCalendar attachment, arbitrary code could be executed as the user running Evolution. (CVE-2008-1108) Note: the Itip Formatter plug-in, which allows calendar information (attachments with a MIME type of "text/calendar") to be displayed as part of the e-mail message, is enabled by default. A heap-based buffer overflow flaw was found in the way Evolution parsed iCalendar attachments withan overly long "DESCRIPTION" property string. If a user responded to a carefully crafted iCalendar attachment in a particular way, arbitrary code could be executed as the user running Evolution. (CVE-2008-1109). The particular response required to trigger this vulnerability was as follows: 1. Receive the carefully crafted iCalendar attachment. 2. Accept the associated meeting. 3. Open the calender the meeting was in. 4. Reply to the sender. Red Hat would like to thank Alin Rad Pop of Secunia Research for responsibly disclosing these issues. All Evolution users should upgrade to these updated packages, which contain backported patches which resolves these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 448540 - CVE-2008-1108 evolution: iCalendar buffer overflow via large timezone specification 448541 - CVE-2008-1109 evolution: iCalendar buffer overflow via large description parameter 6. Package List: Red Hat Enterprise Linux AS version4: Source: i386: evolution28-2.8.0-53.el4_6.3.i386.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.i386.rpm evolution28-devel-2.8.0-53.el4_6.3.i386.rpm ia64: evolution28-2.8.0-53.el4_6.3.ia64.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.ia64.rpm evolution28-devel-2.8.0-53.el4_6.3.ia64.rpm ppc: evolution28-2.8.0-53.el4_6.3.ppc.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.ppc.rpm evolution28-devel-2.8.0-53.el4_6.3.ppc.rpm s390: evolution28-2.8.0-53.el4_6.3.s390.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.s390.rpm evolution28-devel-2.8.0-53.el4_6.3.s390.rpm s390x: evolution28-2.8.0-53.el4_6.3.s390x.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.s390x.rpm evolution28-devel-2.8.0-53.el4_6.3.s390x.rpm x86_64: evolution28-2.8.0-53.el4_6.3.x86_64.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.x86_64.rpm evolution28-devel-2.8.0-53.el4_6.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: i386: evolution28-2.8.0-53.el4_6.3.i386.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.i386.rpm evolution28-devel-2.8.0-53.el4_6.3.i386.rpm x86_64: evolution28-2.8.0-53.el4_6.3.x86_64.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.x86_64.rpm evolution28-devel-2.8.0-53.el4_6.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: i386: evolution28-2.8.0-53.el4_6.3.i386.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.i386.rpm evolution28-devel-2.8.0-53.el4_6.3.i386.rpm ia64: evolution28-2.8.0-53.el4_6.3.ia64.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.ia64.rpm evolution28-devel-2.8.0-53.el4_6.3.ia64.rpm x86_64: evolution28-2.8.0-53.el4_6.3.x86_64.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.x86_64.rpm evolution28-devel-2.8.0-53.el4_6.3.x86_64.rpm Red Hat Enterprise Linux WS version4: Source: i386: evolution28-2.8.0-53.el4_6.3.i386.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.i386.rpm evolution28-devel-2.8.0-53.el4_6.3.i386.rpm ia64: evolution28-2.8.0-53.el4_6.3.ia64.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.ia64.rpm evolution28-devel-2.8.0-53.el4_6.3.ia64.rpm x86_64: evolution28-2.8.0-53.el4_6.3.x86_64.rpm evolution28-debuginfo-2.8.0-53.el4_6.3.x86_64.rpm evolution28-devel-2.8.0-53.el4_6.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2008-1108 https://www.cve.org/CVERecord?id=CVE-2008-1109 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. . Recent updates to the evolution28 packages tackle critical buffer overflow vulnerabilities present in Red Hat Enterprise Linux 4.. evolution28 Security Update, Red Hat Update, Buffer Overflow Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 04, 2008 Important Red Hat
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here