Information on source package evolution

Available versions

ReleaseVersion
jessie3.12.9~git20141130.241663-1+deb8u1
stretch3.22.6-1+deb9u2
buster3.30.5-1.1
bullseye3.38.3-1+deb11u2
bookworm3.46.4-2
trixie3.54.1-1
sid3.54.1-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2020-11879vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in GNOME Evolution before 3.35.91. By using th ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2021-3349vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableGNOME Evolution through 3.38.3 produces a "Valid signature" message fo ...
CVE-2017-17689vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThe S/MIME specification allows a Cipher Block Chaining (CBC) malleabi ...
CVE-2013-4166vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThe gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNO ...
CVE-2011-3201vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableGNOME Evolution before 3.2.3 allows user-assisted remote attackers to ...
CVE-2007-1266vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableEvolution 2.8.1 and earlier does not properly use the --status-fd argu ...

Resolved issues

BugDescription
TEMP-0484639-8D3138missing sanity checks allow DoS via mis-formated timestamp
CVE-2018-15587GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being sp ...
CVE-2009-1631The Mailer component in Evolution 2.26.1 and earlier uses world-readab ...
CVE-2008-1109Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted re ...
CVE-2008-1108Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is ...
CVE-2008-0072Format string vulnerability in the emf_multipart_encrypted function in ...
CVE-2007-3257Camel (camel-imap-folder.c) in the mailer component for Evolution Data ...
CVE-2007-1002Format string vulnerability in the write_html function in calendar/gui ...
CVE-2006-2789Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if s ...
CVE-2006-0528The cairo library (libcairo), as used in GNOME Evolution and possibly ...
CVE-2006-0040GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a ...
CVE-2005-2550Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows re ...
CVE-2005-2549Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6. ...
CVE-2005-0806Evolution 2.0.3 allows remote attackers to cause a denial of service ( ...
CVE-2005-0102Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier a ...
CVE-2003-0541gtkhtml before 1.1.10, as used in Evolution, allows remote attackers t ...
CVE-2003-0296The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP serve ...
CVE-2003-0133GtkHTML, as included in Evolution before 1.2.4, allows remote attacker ...
CVE-2003-0130The handle_image function in mail-format.c for Ximian Evolution Mail U ...
CVE-2003-0129Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attac ...
CVE-2003-0128The try_uudecoding function in mail-format.c for Ximian Evolution Mail ...
CVE-2002-1765Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of ...
CVE-2002-1471The camel component for Ximian Evolution 1.0.x and earlier does not ve ...

Security announcements

DSA / DLADescription
DSA-4457-1evolution - security update
DLA-1766-1evolution - security update
DSA-1512-1evolution - remote code execution
DSA-1325-1evolution
DSA-1016-1evolution - format string vulnerabilities
DSA-673-1evolution - integer overflow
Search for package or bug name: Reporting problems