-
evolution (2.10.1-0ubuntu2.4) feisty-security; urgency=low
* SECURITY UPDATE: buffer overflow via timezone data in crafted ical
attachments
* debian/patches/99_01_CVE-2008-1108.patch: adjust
calendar/gui/e-itip-control.c to use a GString rather than a fixed-size
buffer to build the HTML string to avoid the possibility of an overflow.
* SECURITY UPDATE: heap-based overflow via crafted ical attachments with
long DESCRIPTION
* debian/patches/99_02_CVE-2008-1109.patch: adjust calendar/gui/itip-utils.c
to not use a fixed-size buffer for parsing external data. Simplify the
logic to just split and rejoin the string with a different line separator.
* SECURITY UPDATE: remotely triggered denial of service
* debian/patches/99_03_bug535459.patch: add sanity checks and don't use
component when checks fail in plugins/itip-formatter.c, gui/itip-utils.h,
gui/itip-utils.c, gui/e-itip-control.c
* References
CVE-2008-1108
CVE-2008-1109
http://bugzilla.gnome.org/show_bug.cgi?id=535459
-- Jamie Strandboge <email address hidden> Thu, 05 Jun 2008 07:09:56 -0400
-
evolution (2.10.1-0ubuntu2.1) feisty-security; urgency=low
* SECURITY UPDATE: code execution via format string in encrypted emails.
* Add 99_00_encryption_format_string_fix.patch: upstream fixes from
Srinivasa Ragavan.
* References
CVE-2008-0072
-- Kees Cook <email address hidden> Tue, 04 Mar 2008 11:43:05 -0800
-
evolution (2.10.1-0ubuntu2) feisty; urgency=low
* debian/patches/90_list_arabic_encoding.patch:
- change by Martin Jürgens to list arabic encoding (Ubuntu: #82322)
* debian/patches/91_revert_uri_change.patch:
- revert the change that broke the command line calendar opening
(Ubuntu: #84554)
-- Sebastien Bacher <email address hidden> Tue, 10 Apr 2007 23:09:02 +0200
-
evolution (2.10.1-0ubuntu1) feisty; urgency=low
* New upstream version
* debian/patches/04_autoreconf.patch:
- updated
* debian/patches/93_fix_memo_format_string.patch:
- dropped, fixed with the new version
-- Sebastien Bacher <email address hidden> Mon, 9 Apr 2007 19:28:47 +0200
-
evolution (2.10.0-0ubuntu2) feisty; urgency=low
* SECURITY UPDATE: format string overflow via share memo categories.
* debian/patches/93_fix_memo_format_string.patch: protect category list.
* References
CVE-2007-1002
-- Kees Cook <email address hidden> Thu, 22 Mar 2007 16:12:05 -0700
-
evolution (2.10.0-0ubuntu1) feisty; urgency=low
* New upstream version:
- workaround "evolution crashed with SIGSEGV in ect_check()"
(Ubuntu: #88090)
* debian/control:
- updated for gtkhtml versionning change
* debian/evolution-2.2.desktop:
- updated to use non versionned command and icon
* debian/patches/02_icon.patch:
- dropped, the icon name has changed upstream (Ubuntu: #88439)
* debian/patches/04_autoreconf.patch:
- updated
-- Sebastien Bacher <email address hidden> Tue, 13 Mar 2007 12:40:26 +0100
-
evolution (2.9.92-0ubuntu1) feisty; urgency=low
* New upstream version:
- Fix "Evolution should use GtkAboutDialog" (Ubuntu: #3226)
- Fix "Random contact gets selected after deleting a contact"
(Ubuntu: #24924)
- Fix "evolution message send options error" (Ubuntu: #84834)
* debian/evolution-common.install:
- updated list of files to install
* debian/patches/04_autoreconf.patch:
- new upstream version
-- Sebastien Bacher <email address hidden> Tue, 27 Feb 2007 01:38:06 +0100
-
evolution (2.9.91-0ubuntu2) feisty; urgency=low
* debian/control:
- use Desktop Team for Maintainer
* debian/evolution-alarm-notify.desktop
- use "OnlyShowIn=GNOME;" (Ubuntu: #85834)
-- Sebastien Bacher <email address hidden> Sun, 18 Feb 2007 14:15:58 +0100
-
evolution (2.9.91-0ubuntu1) feisty; urgency=low
* New upstream version
* debian/control:
- require the new evolution-data-server
* debian/patches/04_autoreconf.patch:
- updated
-- Sebastien Bacher <email address hidden> Mon, 12 Feb 2007 18:41:10 +0100
-
evolution (2.9.6-0ubuntu1) feisty; urgency=low
* New upstream version
* debian/control:
- updated the GTK requirement for GtkPrint
- updated the evolution-plugins package description
to list the new imap-features plugin
* debian/evolution-plugins.install:
- list the new imap-features plugin
* debian/patches/04_autoreconf.patch:
- updated
-- Sebastien Bacher <email address hidden> Tue, 23 Jan 2007 14:15:49 +0100
-
evolution (2.9.5-0ubuntu1) feisty; urgency=low
* New upstream version
* debian/patches/04_autoreconf.patch:
- updated
* debian/patches/90_build_with_new_pisock.patch:
- dropped, not required with the new version
-- Sebastien Bacher <email address hidden> Mon, 8 Jan 2007 21:17:58 +0100
-
evolution (2.9.4-0ubuntu1) feisty; urgency=low
* New upstream version
* debian/control:
- require evolution-data-server 1.9.4
-- Sebastien Bacher <email address hidden> Tue, 19 Dec 2006 17:38:11 +0100
-
evolution (2.9.3-0ubuntu3) feisty; urgency=low
* debian/evolution-mail.desktop:
- drop translations from the file, we can use rosetta for that
* debian/evolution-mail.desktop.in:
- new file used for the translations template
* debian/patches/08_to_translate_list_update.patch:
- list the new evolution-mail.desktop.in to translate
-- Sebastien Bacher <email address hidden> Fri, 8 Dec 2006 14:48:56 +0100
-
evolution (2.9.3-0ubuntu2) feisty; urgency=low
* debian/control:
- Build-Depends on gnome-doc-utils (>= 0.3.2)
-- Sebastien Bacher <email address hidden> Thu, 7 Dec 2006 10:44:32 +0100
-
evolution (2.9.3-0ubuntu1) feisty; urgency=low
* New upstream version
* debian/patches/04_autoreconf.patch:
- updated
-- Sebastien Bacher <email address hidden> Tue, 5 Dec 2006 10:39:11 +0100
-
evolution (2.9.2-0ubuntu1) feisty; urgency=low
* Sync with Debian
* New upstream version
* debian/control:
- Build-Depends on libnss-dev (firefox) rather than libnss3-dev (xulrunner)
- Build-Depends on liblpint-bonobo-dev for the lpi patch
- evolution-plugins recommends bogofilter alternative to spamassassin.
- require the new evolution-data-server
- updated evolution-common Replaces evolution version for Ubuntu
* debian/evolution.install:
- install autostart and new binaries backup and evolution-addressbook-clean
- list evolution-2.2.desktop
- updated for new version
* debian/evolution-plugins.install,
debian/evolution-plugins-experimental.install:
- prefer-plain is a standard plugin now
- updated for the new version
* debian/evolution-2.2.desktop:
- compatibility .desktop, update for new version
* debian/evolution.links:
- create an evolution-2.2 for compatibility
- updated for new version
* debian/evolution-alarm-notify.desktop: Autostart desktop file to start
evolution-alarm-notify with the session. No more missed appointments
because no notification went off! Closes: LP#62593
* debian/evolution-mail.desktop:
- updated with the Ubuntu version
* debian/evolution-plugins.install:
- install bogofilter plugin
* debian/patches/02_bogofilter.patch:
- took patch from
http://mail.gnome.org/archives/evolution-hackers/2005-December/msg00063.html,
made changes to configure.in,
* debian/patches/02_icon.patch:
- fix the icon to use
* debian/patches/03_lpi.patch:
- launchpad-integration patch
* debian/patches/04_autoreconf.patch:
- autoreconf patch
* debian/patches/70_no-mail-remote-plugin.patch:
- updated
* debian/rules:
- build plugins "all" instead of "experimental"
- don't specify the paths for nspr and nss since the package is built
with firefox
- updated for new version
* debian/watch:
- updated
-- Sebastien Bacher <email address hidden> Wed, 29 Nov 2006 21:23:19 +0100
-
evolution (2.8.1-0ubuntu4) edgy; urgency=low
* debian/patches/92_from_cvs_fix_shell_crasher.patch:
- patch from CVS, fix crasher on closing (Ubuntu: #38455)
-- Sebastien Bacher <email address hidden> Mon, 16 Oct 2006 00:23:40 +0200
