Red Hat Bugzilla – Bug 194108
CVE-2006-2789 Evolution DoS
Last modified: 2007-11-30 17:11:34 EST
Text taken from the CVE id.
Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if
sender in addressbook" is enabled, allows remote attackers to cause a
denial of service (persistent crash) via a crafted "From" header that
triggers an assert error in camel-internet-address.c when a null
pointer is used.
This report targets the FC3 or FC4 products, which have now been EOL'd.
Could you please check that it still applies to a current Fedora release, and
either update the target product or close it ?
Josh, any idea if this is still relevant in F7 or Rawhide?
I didn't see any ChangeLog entries mentioning the issue directly, but there's
been a lot of improvements to Camel since June 2006.
This was originally filed against FC4. Moving to "devel" until I can determine
its current status.
This CVE was fixed in Evolution 2.4.x. Closing.