+++ This bug was initially created as a clone of Bug #165235 +++
(don't yet know if this affects RHEL3)
From the versions given in the description (see bug 165235) it would appear not to affect
RHEL3. Haven't checked yet, though.
It appears that at least part of the advisory may cover Evolution 1.4 and hence
RHEL3, and that there may be other similar vulnerabilities in RHEL3 (but not
RHEL4) that were not covered in Sitic's advisory.
The details: looking at their proposed patch:
calendar/gui/e-cal-component-preview.c: source file doesn't exist on RHEL3
evolution, appears to be no equivalent: OK
addressbook/gui/widgets/eab-contact-display.c: doesn't exist on RHEL3 evolution: OK
addressbook/gui/widgets directory: No usage of gtk_html_stream_printf: OK
calendar/gui/e-calendar-view.c: source file doesn't exist on RHEL3 evolution,
appears to be no equivalent: OK
calendar/gui/e-calendar-table.c: vulnerability appears to be relevant for RHEL3
Evolution, contradicting what is said in the advisory. BAD
calendar/gui directory: Have checked all usages of gtk_html_stream_printf: all
use constant hardcoded format strings.
Checking usage of fprintf: there appear to be problems in the view-saving code;
both contain an: fprintf (file, ical_string);
These fprintfs are not present in the RHEL4 version.
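Added illustration, not from this bug or from Evolution's source: a minimal C stand-in for the fprintf (file, ical_string) call noted above, beside the hardened form, plus a small audit helper for spotting data that printf would parse as directives. The function names, the snprintf-into-a-buffer stand-in for fprintf-to-a-file, and the sample VEVENT text are all constructed for this example. The sample uses "%%" because that is the one misinterpretation with a defined outcome; a lone '%' followed by a conversion letter in a user-supplied description makes printf read arguments that were never passed, which is the actual bug.

```c
#include <stdio.h>
#include <string.h>

/* Silence the compiler's (correct) warnings about the deliberately
 * vulnerable call so the side-by-side comparison builds cleanly. */
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"

/* Stand-in (constructed) for the RHEL3 save-view path: the serialised
 * calendar component is passed as the FORMAT argument.  snprintf into a
 * buffer replaces fprintf to a file only so the result can be inspected;
 * the printf-family format parsing is identical. */
int save_view_vulnerable(const char *ical_string, char *out, size_t n)
{
    return snprintf(out, n, ical_string);
}

/* Hardened form: the data travels through "%s" (fputs would do equally),
 * so a '%' inside the component is written literally, never parsed. */
int save_view_fixed(const char *ical_string, char *out, size_t n)
{
    return snprintf(out, n, "%s", ical_string);
}

/* Audit helper: returns 1 if printf would treat anything in s as a
 * conversion directive.  "%%" is the escaped literal percent and is
 * skipped; any other '%' (including a trailing one) counts. */
int has_format_directive(const char *s)
{
    for (const char *p = s; (p = strchr(p, '%')) != NULL; p++) {
        if (p[1] == '%') {
            p++;            /* skip the second '%' of the escape */
            continue;
        }
        return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample component with a percent sign in its SUMMARY. */
    static const char ical[] =
        "BEGIN:VEVENT\r\nSUMMARY:Backup 100%% done\r\nEND:VEVENT\r\n";
    char buf[256];

    save_view_vulnerable(ical, buf, sizeof buf);
    printf("vulnerable: %s", buf);   /* "%%" collapses to "%": data altered */
    save_view_fixed(ical, buf, sizeof buf);
    printf("fixed:      %s", buf);   /* written verbatim */
    printf("directives present: %d\n", has_format_directive(ical));
    return 0;
}
```

The same audit helper applied to gtk_html_stream_printf call sites is what the "all use constant hardcoded format strings" check above amounts to: a call is safe when its format argument is a string literal, and suspect whenever the format comes from the calendar or contact data being rendered.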
I didn't see that Security had been unflagged, and that last comment got sent to
Sorry. Have rechecked the Security Sensitive box.
See above two comments
Created attachment 117632
Proposed patch to 1.4.5 to fix format strings in calendar code
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.