=========================================================== 
Ubuntu Security Notice USN-442-1             March 26, 2007
evolution vulnerability
CVE-2007-1002
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  evolution                                2.6.1-0ubuntu7.1

Ubuntu 6.10:
  evolution                                2.8.1-0ubuntu4.1

After a standard system upgrade you need to restart Evolution or reboot 
your computer to effect the necessary changes.

Details follow:

Ulf Harnhammar of Secunia Research discovered that Evolution did not 
correctly handle format strings when displaying shared memos.  If a 
remote attacker tricked a user into viewing a specially crafted shared 
memo, they could execute arbitrary code with user privileges.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:   203008 2ae07aca07876171488a3742fcf6cd7d
          Size/MD5:     1402 70ff6cd8aba5ce24c06b89322023992f
          Size/MD5: 17037346 e2ba35f5eaa324d0eb552c1c87405042

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:  6577972 498a48802494560e62697f9d1fc7f9ce
          Size/MD5:   216282 e62eb68d84fc250692bbb2f306543f5e
          Size/MD5:   332896 dae270dbfc6e066649d6582b47026a03
          Size/MD5:  4955414 23d03c1b299f17cc35deeff387072b2c

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:  5741630 0f8ff4369f8532fda8ddf0e51cd520d0
          Size/MD5:   216300 1dea6eedc89ab62b30d305bae64cf280
          Size/MD5:   304794 537374fa643646397e4f190cf04c9a4f
          Size/MD5:  4696350 9a02afe119a2780003a153244fbfa6d8

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:  6512980 e13fc8bbc5d316072bdfc29dec731356
          Size/MD5:   216290 7a5b51f4d6242034010f228307f20cb1
          Size/MD5:   348122 bfa4413a04e17d2253f151707650848f
          Size/MD5:  4838568 24d0aa33e501a30354785c1fdc60a91b

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:  5824986 77f688641c4d4391196aae225c101ddf
          Size/MD5:   216314 7b7aa826df864586fd3081afe8e34dd3
          Size/MD5:   304758 1ea9ddcd94a5d2e096105832801e382a
          Size/MD5:  4781704 8b845a4b4cdc0c9bb98e6036698d4d18

Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:   362367 369d47c1902a4eded5b638c786ab222c
          Size/MD5:     1373 da428269e616e6f21d63266a0447424f
          Size/MD5: 17782443 0ce38f1ae7992e00eec3414e62cb3a59

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:  6569246 4cd8e2a6ee3c2b00253804d65ce2417e
          Size/MD5:   212314 43d020bb87ec8f9d00952d9f17f76cd3
          Size/MD5:   124000 95d482c09e7140b76afa9c8ae788fe39
          Size/MD5:  5341080 53a444b95c4275bf8e338251033aea4c

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:  6183514 debcc0562af15abf0049619b231a3851
          Size/MD5:   212326 833c45b1ac595d8b9c1fe0133f775f6f
          Size/MD5:   119026 f53322b9df228674cc5b5d5ec3b581a8
          Size/MD5:  5143056 3ad68c9a9a546379e4d37da97ea737e1

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:  6567094 0de2ecf5ac22debc34e62d4318bc1860
          Size/MD5:   212318 f2dcdcfcc4b2f157d258213a1ca6328e
          Size/MD5:   132218 cba1dff0546242060d83b58d03311d3e
          Size/MD5:  5242672 00e64b862a130607586770ee2329619f

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:  6084110 51e9855eb0669f30bf0d8c197901659f
          Size/MD5:   212320 68b6ce59b82753e10b4f481552970b77
          Size/MD5:   117242 cc20e0c7057bd6ef2ec2d84ef31b6c7e
          Size/MD5:  5151890 494d1c41a154f4ceb2830dd6fcfbc721