Advisories

Mandriva Advisories

Package name	gnomemeeting
Date	February 21st, 2007
Advisory ID	MDKSA-2007:045
Affected versions	CS3.0
Synopsis	Updated gnomemeeting packages fix string vulnerabilities

Problem Description

A format string flaw was discovered in how GnomeMeeting processes
certain messages, which could permit a remote attacker that can
connect to GnomeMeeting to potentially execute arbitrary code with
the privileges of the user running GnomeMeeting.

Updated package have been patched to correct this issue.

Updated Packages

Corporate Server 3.0

 15e2472f2e41ab47d507cfb491d7a28d  corporate/3.0/i586/gnomemeeting-0.98.5-5.1.C30mdk.i586.rpm 
 0e1008ad8663cf490f7fe9bffddcf05c  corporate/3.0/SRPMS/gnomemeeting-0.98.5-5.1.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 dfb6e715109f6134a3a8497de10fa75e  corporate/3.0/x86_64/gnomemeeting-0.98.5-5.1.C30mdk.x86_64.rpm 
 0e1008ad8663cf490f7fe9bffddcf05c  corporate/3.0/SRPMS/gnomemeeting-0.98.5-5.1.C30mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1007

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer