Package: evolution
Severity: wishlist
Although format string vulnerabilities are becoming less common
in general, they're still occasionally being found in Evolution,
e.g. CVE-2007-1002 and CVE-2008-0072 in the recent two years.
Building with -D_FORTIFY_SOURCE=2 prevents exploitability for
many format string attacks. Could you build Lenny's Evolution
with it enabled?
Please see the package hardening-wrapper for easy testing and
the README.Debian included within.
Cheers,
Moritz
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.25-2-686 (SMP w/1 CPU core)
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
