Evolution denial of service bug ...

[Marcus Meissner <meissner () suse de>]

Hi,

We received a bugreport for Evolution from "Francis Provencher for Protek Research Lab's"
(protekresearchlab () yahoo ca).

The issue is that if Evolution accesses a malicious POP3 server the latter
can by sending an overly long ERR message cause a X11 error (BadAlloc)
likely due to a overly wide Message Box and so cause evolution to abort.

The commit in evolution that fixes it:
http://git.gnome.org/browse/evolution-data-server/commit/?id=22854733409fddf3e313cc637ce3a0309159b41f
it also checks for utf-8 validity.


I am still undecided whether this is a real security issue or not. On
one hand getting rid of this malicious server from evolution might
be difficult if it is auto-opened. On the other hand, malicious servers
have also other denial of service possibilities (like sending 1000000+ mailheaders).

Ciao, Marcus