Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 155375 - CAN-2005-0102 Integer overflow in camel-lock-helper
Summary: CAN-2005-0102 Integer overflow in camel-lock-helper
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: evolution
Version: 4.0
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
: ---
Assignee: Dave Malcolm
QA Contact:
URL:
Whiteboard: impact=low,source=vendorsec,reported=...
Depends On:
Blocks: 155503
TreeView+ depends on / blocked
 
Reported: 2005-04-19 18:10 UTC by Dave Malcolm
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-05-04 15:06:01 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2005:397 0 normal SHIPPED_LIVE Moderate: evolution security update 2005-05-04 04:00:00 UTC

Description Dave Malcolm 2005-04-19 18:10:20 UTC
email from bressers:
        Message by NotZed:
       
http://lists.ximian.com/archives/public/evolution-patches/2005-January/008672.html

        CVS commit:
       
http://cvs.gnome.org/viewcvs/evolution/camel/camel-lock-helper.c?rev=1.7&hideattic=0&view=log

        We don't set the camel-lock-helper executable suid or sgid.  I belive
        this is a non issue then.

        CAN-2005-0102

        Dave said it's not suid/sgid for us and can't be affected by
        an email message -- however it's only not setuid because we    
        don't build the srpms as root, if we did it would be - hence
        we need an update for this, but "low" severity

        impact=low,source=vendorsec,reported=20050124

Comment 1 Dave Malcolm 2005-04-20 22:18:15 UTC
built; will be part of RHSA-2005:397

Comment 2 Josh Bressers 2005-05-04 15:06:01 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-397.html



Note You need to log in before you can comment on or make changes to this bug.