- Add patch for CVE-2008-0072 (format string vulnerability).

evolution-2.21.92-CVE-2008-0072.patch

@@ -0,0 +1,48 @@
+diff -up evolution-2.21.92/mail/em-format.c.CVE-2008-0072 evolution-2.21.92/mail/em-format.c
+--- evolution-2.21.92/mail/em-format.c.CVE-2008-0072	2008-01-27 22:59:48.000000000 -0500
++++ evolution-2.21.92/mail/em-format.c	2008-03-04 15:40:29.000000000 -0500
+@@ -1193,7 +1193,7 @@ emf_application_xpkcs7mime(EMFormat *emf
+ 	opart = camel_mime_part_new();
+ 	valid = camel_cipher_decrypt(context, part, opart, ex);
+ 	if (valid == NULL) {
+-		em_format_format_error(emf, stream, ex->desc?ex->desc:_("Could not parse S/MIME message: Unknown error"));
++		em_format_format_error(emf, stream, "%s", ex->desc?ex->desc:_("Could not parse S/MIME message: Unknown error"));
+ 		em_format_part_as(emf, stream, part, NULL);
+ 	} else {
+ 		if (emfc == NULL)
+@@ -1350,7 +1350,7 @@ emf_multipart_encrypted(EMFormat *emf, C
+ 	if (valid == NULL) {
+ 		em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP/MIME message"):_("Could not parse PGP/MIME message: Unknown error"));
+ 		if (ex->desc)
+-			em_format_format_error(emf, stream, ex->desc);
++			em_format_format_error(emf, stream, "%s", ex->desc);
+ 		em_format_part_as(emf, stream, part, "multipart/mixed");
+ 	} else {
+ 		if (emfc == NULL)
+@@ -1515,7 +1515,7 @@ emf_multipart_signed(EMFormat *emf, Came
+ 		if (valid == NULL) {
+ 			em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature"));
+ 			if (ex->desc)
+-				em_format_format_error(emf, stream, ex->desc);
++				em_format_format_error(emf, stream, "%s", ex->desc);
+ 			em_format_part_as(emf, stream, part, "multipart/mixed");
+ 		} else {
+ 			if (emfc == NULL)
+@@ -1586,7 +1586,7 @@ emf_inlinepgp_signed(EMFormat *emf, Came
+ 	if (!valid) {
+ 		em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature"));
+ 		if (ex->desc)
+-			em_format_format_error(emf, stream, ex->desc);
++			em_format_format_error(emf, stream, "%s", ex->desc);
+ 		em_format_format_source(emf, stream, ipart);
+ 		/* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */
+ 		camel_exception_free(ex);
+@@ -1658,7 +1658,7 @@ emf_inlinepgp_encrypted(EMFormat *emf, C
+ 	if (!valid) {
+ 		em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP message"):_("Could not parse PGP message: Unknown error"));
+ 		if (ex->desc)
+-			em_format_format_error(emf, stream, ex->desc);
++			em_format_format_error(emf, stream, "%s", ex->desc);
+ 		em_format_format_source(emf, stream, ipart);
+ 		/* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */
+ 		camel_exception_free(ex);

evolution.spec

@@ -46,7 +46,7 @@
 
 Name: evolution
 Version: 2.21.92
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2 and GFDL+
 Group: Applications/Productivity
 Summary: GNOME's next-generation groupware suite
@@ -81,6 +81,9 @@ Patch14: evolution-2.7.1-no-gnome-common.patch
 # RH bug #176400
 Patch15: evolution-2.9.1-im-context-reset.patch
 
+# CVE-2008-0072
+Patch16: evolution-2.21.92-CVE-2008-0072.patch
+
 ## Dependencies ###
 
 Requires(post): GConf2
@@ -223,6 +226,7 @@ This package contains the plugin to filter junk mail using SpamAssassin.
 %patch13 -p1 -b .fix-conduit-dir
 %patch14 -p1 -b .no-gnome-common
 %patch15 -p1 -b .im-context-reset
+%patch16 -p1 -b .CVE-2008-0072
 
 mkdir -p krb5-fakeprefix/include
 mkdir -p krb5-fakeprefix/lib
@@ -650,6 +654,9 @@ rm -rf $RPM_BUILD_ROOT
 %{evo_plugin_dir}/liborg-gnome-sa-junk-plugin.so
 
 %changelog
+* Tue Mar 04 2008 Matthew Barnes <mbarnes@redhat.com> - 2.21.92-2.fc9
+- Add patch for CVE-2008-0072 (format string vulnerability).
+
 * Mon Feb 25 2008 Matthew Barnes <mbarnes@redhat.com> - 2.21.92-1.fc9
 - Update to 2.21.92
 - Bump eds_version to 2.21.92.