Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2007:0353 - Security Advisory
Issued:
2007-05-17
Updated:
2007-05-17

RHSA-2007:0353 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: evolution security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated evolution packages that fix a security bug are now available for
Red Hat Enterprise Linux 3 and 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

Evolution is the GNOME collection of personal information management (PIM)
tools.

A flaw was found in the way Evolution processed certain APOP authentication
requests. A remote attacker could potentially acquire certain portions of a
user's authentication credentials by sending certain responses when
evolution-data-server attempted to authenticate against an APOP server.
(CVE-2007-1558)

All users of Evolution should upgrade to these updated packages, which
contain a backported patch which resolves this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server 3 x86_64
  • Red Hat Enterprise Linux Server 3 ia64
  • Red Hat Enterprise Linux Server 3 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Workstation 3 x86_64
  • Red Hat Enterprise Linux Workstation 3 ia64
  • Red Hat Enterprise Linux Workstation 3 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux Desktop 3 x86_64
  • Red Hat Enterprise Linux Desktop 3 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems 3 s390x
  • Red Hat Enterprise Linux for IBM z Systems 3 s390
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian 3 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5 ppc

Fixes

  • BZ - 238565 - CVE-2007-1558 Evolution APOP information disclosure

CVEs

  • CVE-2007-1558

References

  • http://www.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
evolution-2.0.2-35.0.2.el4.src.rpm SHA-256: 72c716efbec5ec4aefd2777b38f7d4773d2f0fc9782f56d4d4ea73f87285f617
x86_64
evolution-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: 833d8e381095a71eaa74c3a4d56e445c74a73889706ca3dca9b1f6a61937956f
evolution-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: 833d8e381095a71eaa74c3a4d56e445c74a73889706ca3dca9b1f6a61937956f
evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: c4e621a276bf571ebe7a232e4c4cbb7a5a8808e102c65991fafb1160652d636a
evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: c4e621a276bf571ebe7a232e4c4cbb7a5a8808e102c65991fafb1160652d636a
ia64
evolution-2.0.2-35.0.2.el4.ia64.rpm SHA-256: d653f339be9638367ff6c8e6bdee7b7e50290b269e72adcc185b1a5b1d11e009
evolution-2.0.2-35.0.2.el4.ia64.rpm SHA-256: d653f339be9638367ff6c8e6bdee7b7e50290b269e72adcc185b1a5b1d11e009
evolution-devel-2.0.2-35.0.2.el4.ia64.rpm SHA-256: 8d565f7714492b3121519a44fc88dac147e02e30fa9e4770919545a994b17ea3
evolution-devel-2.0.2-35.0.2.el4.ia64.rpm SHA-256: 8d565f7714492b3121519a44fc88dac147e02e30fa9e4770919545a994b17ea3
i386
evolution-2.0.2-35.0.2.el4.i386.rpm SHA-256: edeb8eb6c72a6fff06b7d91848e3d0540090276e8ad7aa64720d124fd45dd973
evolution-2.0.2-35.0.2.el4.i386.rpm SHA-256: edeb8eb6c72a6fff06b7d91848e3d0540090276e8ad7aa64720d124fd45dd973
evolution-devel-2.0.2-35.0.2.el4.i386.rpm SHA-256: 7a8351e3f8bcffc912f148fb0d57ad23db18e218ef461a6c8d46614ff71824a5
evolution-devel-2.0.2-35.0.2.el4.i386.rpm SHA-256: 7a8351e3f8bcffc912f148fb0d57ad23db18e218ef461a6c8d46614ff71824a5

Red Hat Enterprise Linux Server 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5

SRPM
evolution-2.0.2-35.0.2.el4.src.rpm SHA-256: 72c716efbec5ec4aefd2777b38f7d4773d2f0fc9782f56d4d4ea73f87285f617
x86_64
evolution-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: 833d8e381095a71eaa74c3a4d56e445c74a73889706ca3dca9b1f6a61937956f
evolution-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: 833d8e381095a71eaa74c3a4d56e445c74a73889706ca3dca9b1f6a61937956f
evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: c4e621a276bf571ebe7a232e4c4cbb7a5a8808e102c65991fafb1160652d636a
evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: c4e621a276bf571ebe7a232e4c4cbb7a5a8808e102c65991fafb1160652d636a
ia64
evolution-2.0.2-35.0.2.el4.ia64.rpm SHA-256: d653f339be9638367ff6c8e6bdee7b7e50290b269e72adcc185b1a5b1d11e009
evolution-2.0.2-35.0.2.el4.ia64.rpm SHA-256: d653f339be9638367ff6c8e6bdee7b7e50290b269e72adcc185b1a5b1d11e009
evolution-devel-2.0.2-35.0.2.el4.ia64.rpm SHA-256: 8d565f7714492b3121519a44fc88dac147e02e30fa9e4770919545a994b17ea3
evolution-devel-2.0.2-35.0.2.el4.ia64.rpm SHA-256: 8d565f7714492b3121519a44fc88dac147e02e30fa9e4770919545a994b17ea3
i386
evolution-2.0.2-35.0.2.el4.i386.rpm SHA-256: edeb8eb6c72a6fff06b7d91848e3d0540090276e8ad7aa64720d124fd45dd973
evolution-2.0.2-35.0.2.el4.i386.rpm SHA-256: edeb8eb6c72a6fff06b7d91848e3d0540090276e8ad7aa64720d124fd45dd973
evolution-devel-2.0.2-35.0.2.el4.i386.rpm SHA-256: 7a8351e3f8bcffc912f148fb0d57ad23db18e218ef461a6c8d46614ff71824a5
evolution-devel-2.0.2-35.0.2.el4.i386.rpm SHA-256: 7a8351e3f8bcffc912f148fb0d57ad23db18e218ef461a6c8d46614ff71824a5

Red Hat Enterprise Linux Workstation 4

SRPM
evolution-2.0.2-35.0.2.el4.src.rpm SHA-256: 72c716efbec5ec4aefd2777b38f7d4773d2f0fc9782f56d4d4ea73f87285f617
x86_64
evolution-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: 833d8e381095a71eaa74c3a4d56e445c74a73889706ca3dca9b1f6a61937956f
evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: c4e621a276bf571ebe7a232e4c4cbb7a5a8808e102c65991fafb1160652d636a
ia64
evolution-2.0.2-35.0.2.el4.ia64.rpm SHA-256: d653f339be9638367ff6c8e6bdee7b7e50290b269e72adcc185b1a5b1d11e009
evolution-devel-2.0.2-35.0.2.el4.ia64.rpm SHA-256: 8d565f7714492b3121519a44fc88dac147e02e30fa9e4770919545a994b17ea3
i386
evolution-2.0.2-35.0.2.el4.i386.rpm SHA-256: edeb8eb6c72a6fff06b7d91848e3d0540090276e8ad7aa64720d124fd45dd973
evolution-devel-2.0.2-35.0.2.el4.i386.rpm SHA-256: 7a8351e3f8bcffc912f148fb0d57ad23db18e218ef461a6c8d46614ff71824a5

Red Hat Enterprise Linux Workstation 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Desktop 4

SRPM
evolution-2.0.2-35.0.2.el4.src.rpm SHA-256: 72c716efbec5ec4aefd2777b38f7d4773d2f0fc9782f56d4d4ea73f87285f617
x86_64
evolution-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: 833d8e381095a71eaa74c3a4d56e445c74a73889706ca3dca9b1f6a61937956f
evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm SHA-256: c4e621a276bf571ebe7a232e4c4cbb7a5a8808e102c65991fafb1160652d636a
i386
evolution-2.0.2-35.0.2.el4.i386.rpm SHA-256: edeb8eb6c72a6fff06b7d91848e3d0540090276e8ad7aa64720d124fd45dd973
evolution-devel-2.0.2-35.0.2.el4.i386.rpm SHA-256: 7a8351e3f8bcffc912f148fb0d57ad23db18e218ef461a6c8d46614ff71824a5

Red Hat Enterprise Linux Desktop 3

SRPM
x86_64
i386

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
evolution-2.0.2-35.0.2.el4.src.rpm SHA-256: 72c716efbec5ec4aefd2777b38f7d4773d2f0fc9782f56d4d4ea73f87285f617
s390x
evolution-2.0.2-35.0.2.el4.s390x.rpm SHA-256: 386db4b2f2d1b35c95b753848e3d680a7aed90e15343c32d217e8b9f4728f072
evolution-devel-2.0.2-35.0.2.el4.s390x.rpm SHA-256: e138a287575395d70b4d6eb70a4c9f43dfc6ea2721e1dec8d934ff6930f2d8d8
s390
evolution-2.0.2-35.0.2.el4.s390.rpm SHA-256: ef08fb59a9036e8f219704b14ae575fbe315831eed683984053301aa4a0e7463
evolution-devel-2.0.2-35.0.2.el4.s390.rpm SHA-256: e0faddc9f2fe0b6dd68bf9fd57f4c9fa1c0b5f5bf02b48790727fbc4676258c3

Red Hat Enterprise Linux for IBM z Systems 3

SRPM
s390x
s390

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5

SRPM
evolution-2.0.2-35.0.2.el4.src.rpm SHA-256: 72c716efbec5ec4aefd2777b38f7d4773d2f0fc9782f56d4d4ea73f87285f617
s390x
evolution-2.0.2-35.0.2.el4.s390x.rpm SHA-256: 386db4b2f2d1b35c95b753848e3d680a7aed90e15343c32d217e8b9f4728f072
evolution-devel-2.0.2-35.0.2.el4.s390x.rpm SHA-256: e138a287575395d70b4d6eb70a4c9f43dfc6ea2721e1dec8d934ff6930f2d8d8
s390
evolution-2.0.2-35.0.2.el4.s390.rpm SHA-256: ef08fb59a9036e8f219704b14ae575fbe315831eed683984053301aa4a0e7463
evolution-devel-2.0.2-35.0.2.el4.s390.rpm SHA-256: e0faddc9f2fe0b6dd68bf9fd57f4c9fa1c0b5f5bf02b48790727fbc4676258c3

Red Hat Enterprise Linux for Power, big endian 4

SRPM
evolution-2.0.2-35.0.2.el4.src.rpm SHA-256: 72c716efbec5ec4aefd2777b38f7d4773d2f0fc9782f56d4d4ea73f87285f617
ppc
evolution-2.0.2-35.0.2.el4.ppc.rpm SHA-256: 805300ff46fca4bcacd86486e9456a585325e7a144454ea5d3f00f5fc612f3e0
evolution-devel-2.0.2-35.0.2.el4.ppc.rpm SHA-256: 0f0a0863009f86faab367eab6eda6f4dfa67a6078eae23bdac53ee14f62bcd4c

Red Hat Enterprise Linux for Power, big endian 3

SRPM
ppc

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5

SRPM
evolution-2.0.2-35.0.2.el4.src.rpm SHA-256: 72c716efbec5ec4aefd2777b38f7d4773d2f0fc9782f56d4d4ea73f87285f617
ppc
evolution-2.0.2-35.0.2.el4.ppc.rpm SHA-256: 805300ff46fca4bcacd86486e9456a585325e7a144454ea5d3f00f5fc612f3e0
evolution-devel-2.0.2-35.0.2.el4.ppc.rpm SHA-256: 0f0a0863009f86faab367eab6eda6f4dfa67a6078eae23bdac53ee14f62bcd4c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter