openSUSE Security Update: evolution-data-server security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0216-1 Rating: moderate References: #475108 #568822 Cross-References: CVE-2009-0547 Affected Products: openSUSE 11.0 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: evolution considered S/MIME signatures to be valid even for modified mails (CVE-2009-0547). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.0: zypper in -t patch evolution-data-server-2333 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.0 (i586 ppc src x86_64): evolution-data-server-2.22.1.1-11.6 - openSUSE 11.0 (i586 ppc x86_64): evolution-data-server-devel-2.22.1.1-11.6 evolution-data-server-doc-2.22.1.1-11.6 - openSUSE 11.0 (x86_64): evolution-data-server-32bit-2.22.1.1-11.6 - openSUSE 11.0 (ppc): evolution-data-server-64bit-2.22.1.1-11.6 References: http://support.novell.com/security/cve/CVE-2009-0547.html https://bugzilla.novell.com/475108 https://bugzilla.novell.com/568822