SuSE Update for evolution,evolution-data-server SUSE-SA:2007:042

remote code execution
Please Install the Updated Packages.
A malicious IMAP server could execute code within evolution by sending a malformed response to a SEQUENCE command. CVE-2007-3257 This requires the user to connect to this malicious server (or a DNS entry of a good one replaced pointed to a malicious one) For older products the problematic code lives in the evolution package, for newer ones in the evolution-data-server package.
evolution,evolution-data-server on SUSE LINUX 10.1, openSUSE 10.2, Novell Linux Desktop 9, SUSE Linux Enterprise Desktop 10 SP1, SUSE Linux Enterprise Server 10 SP1