Package: evolution Version: 2.0.3-1.1 Severity: grave Justification: user security hole
Since yesterday's sid update, my Evolution only authenticate using plaintext login/password, whether you choose NTLM, DIGEST-MD5 or CRAM-MD5, introducing a security issue on non SSL accounts and denial of access on servers refusing plaintext authentications. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.9 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages evolution depends on: ii evolution-data-server 1.0.3-2 evolution database backend server ii gconf2 2.8.1-4 GNOME configuration database syste ii gnome-icon-theme 2.8.0-1 GNOME Desktop icon theme ii gtkhtml3.2 3.2.4-1 HTML rendering/editing library - b ii libart-2.0-2 2.3.16-6 Library of functions for 2D graphi ii libatk1.0-0 1.8.0-4 The ATK accessibility toolkit ii libaudiofile0 0.2.6-5 Open-source version of SGI's audio ii libbonobo2-0 2.8.0-4 Bonobo CORBA interfaces library ii libbonoboui2-0 2.8.0-2 The Bonobo UI library ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libcompfaceg1 1989.11.11-24 Compress/decompress images for mai ii libdb4.2 4.2.52-17 Berkeley v4.2 Database Libraries [ ii libebook8 1.0.3-2 Client library for evolution addre ii libecal6 1.0.3-2 Client library for evolution calen ii libedataserver3 1.0.3-2 Utily library for evolution data s ii libegroupwise6 1.0.3-2 Client library for accessing group ii libesd-alsa0 [libesd0] 0.2.35-2 Enlightened Sound Daemon (ALSA) - ii libfontconfig1 2.2.3-4 generic font configuration library ii libfreetype6 2.1.7-2.3 FreeType 2 font engine, shared lib ii libgail-common 1.8.2-1 GNOME Accessibility Implementation ii libgail17 1.8.2-1 GNOME Accessibility Implementation ii libgal2.2-1 2.2.4-1 G App Libs (run time library) ii libgal2.2-common 2.2.4-1 G App Libs (common files) ii libgconf2-4 2.8.1-4 GNOME configuration database syste ii libgcrypt11 1.2.0-11 LGPL Crypto library - runtime libr ii libglade2-0 1:2.4.1-1 Library to load .glade files at ru ii libglib2.0-0 2.4.8-1 The GLib library of C routines ii libgnome-keyring0 0.4.1-1 GNOME keyring services library ii libgnome-pilot2 2.0.12-1.1 Support libraries for gnome-pilot ii libgnome2-0 2.8.0-6 The GNOME 2 library - runtime file ii libgnomecanvas2-0 2.8.0-1 A powerful object-oriented display ii libgnomeprint2.2-0 2.8.2-1 The GNOME 2.2 print architecture - ii libgnomeprintui2.2-0 2.8.2-1 The GNOME 2.2 print architecture U ii libgnomeui-0 2.8.0-3 The GNOME 2 libraries (User Interf ii libgnomevfs2-0 2.8.3-8 The GNOME virtual file-system libr ii libgnutls11 1.0.16-13 GNU TLS library - runtime library ii libgpg-error0 1.0-1 library for common error values an ii libgtk2.0-0 2.4.14-2 The GTK+ graphical user interface ii libgtkhtml3.2-11 3.2.4-1 HTML rendering/editing library - r ii libice6 6.8.1-0.4 Inter-Client Exchange library ii libjpeg62 6b-9 The Independent JPEG Group's JPEG ii libldap2 2.1.30-3 OpenLDAP libraries ii libnspr4 2:1.7.5-1 Netscape Portable Runtime Library ii libnss3 2:1.7.5-1 Network Security Service Libraries ii liborbit2 1:2.10.2-1.1 libraries for ORBit2 - a CORBA ORB ii libpango1.0-0 1.6.0-3 Layout and rendering of internatio ii libpisock8 0.11.8-10 Library for communicating with a P ii libpisync0 0.11.8-10 Synchronization library for PalmOS ii libpopt0 1.7-5 lib for parsing cmdline parameters ii libsm6 6.8.1-0.4 X Window System Session Management ii libsoup2.2-7 2.2.1-1 an HTTP library implementation in ii libtasn1-2 0.2.10-4 Manage ASN.1 structures (runtime) ii libx11-6 6.8.1-0.4 X Window System protocol client li ii libxml2 2.6.11-5 GNOME XML library ii xlibs 6.8.1-0.4 X Window System client libraries m ii zlib1g 1:1.2.2-4 compression library - runtime -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
