Yellow Dog Linux Security Announcement
--------------------------------------

Package:	evolution
Issue Date:	April 09, 2003
Priority:	medium
Advisory ID: 	YDU-20030409-2


1. 	Topic:

	Updated evolution packages are available.


2. 	Problem:

	Ximian Evolution, a groupware suite for GNOME, contains several 
	vulnerabilities that allow well-crafted emails to crash the 
	program and cause other instabilities.
	
	Evolution users are advised to upgrade to the following errata 
	packages that address these issues.


3. 	Solution:

   	a) Updating via apt...
   	We suggest that you use the apt-get program to keep your
   	system up-to-date. The following command(s) will retrieve
   	and install the fixed version of this update onto your system:

		apt-get update
		apt-get install evolution

   	b) Updating manually...
	Download the updates below and then run the following rpm command.
   	(Please use a mirror site)

		rpm -Fvh [filenames]
		Yellow Dog Linux 3.0
		ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0/
			ppc/evolution-1.2.2-5a.ppc.rpm
			SRPMS/evolution-1.2.2-5a.src.rpm

		Yellow Dog Linux 2.3
		ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-2.3/
			ppc/evolution-1.0.8-9.7x.1a.ppc.rpm
			SRPMS/evolution-1.0.8-9.7x.1a.src.rpm


4. Verification

MD5 checksum			  Package
--------------------------------  ----------------------------
[Yellow Dog Linux 3.0]
f6ec2c351e640bf9574b047579160d94   SRPMS/evolution-1.2.2-5a.src.rpm
5a7245ead4805cb7ea3ed3910e6864a0   ppc/evolution-1.2.2-5a.ppc.rpm

[Yellow Dog Linux 2.3]
96826b88e3fe6d1a4529194ef6f182e7  ppc/evolution-1.0.8-9.7x.1a.ppc.rpm
900ba3f0b698923fbc67a450723fa253  SRPMS/evolution-1.0.8-9.7x.1a.src.rpm

If you wish to verify that each package has not been corrupted or tampered with,
examine the md5sum with the following command: md5sum <filename>


5. Misc.

Terra Soft has setup a moderated mailing list where these security, bugfix, and package
enhancement announcements will be posted. See http://lists.terrasoftsolutions.com/ for more
information.

For information regarding the usage of apt-get, see:
http://www.yellowdoglinux.com/support/solutions/ydl_general/apt-get.shtml