USN-733-1: evolution-data-server vulnerability
16 March 2009
It was discovered that the Base64 encoding functions in
evolution-data-server did not properly handle large strings. If a user were
tricked into opening a specially crafted image file, or tricked into
connecting to a malicious server, an attacker could possibly execute
arbitrary code with user privileges.
The problem can be corrected by updating your system to the following package versions:
After a standard system upgrade you need to restart Evolution to effect
the necessary changes.