+++ This bug was initially created as a clone of Bug #150687 +++
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows
remote attackers to execute arbitrary code via an e-mail message with certain
headers containing non-ASCII characters that are not properly handled when the
user replies to the message.
The upstream patch is here:
Fixed in 1.0.3-0.FC3
I forgot to mention that we also ship sylpheed in FC2 and it should also be
Also fixed in 1.0.3-0.FC2. thanks.