Home > Security > Advisories


Mandriva Advisories

Package name gnomemeeting
Date February 21st, 2007
Advisory ID MDKSA-2007:045
Affected versions CS3.0
Synopsis Updated gnomemeeting packages fix string vulnerabilities

Problem Description

A format string flaw was discovered in how GnomeMeeting processes
certain messages, which could permit a remote attacker that can
connect to GnomeMeeting to potentially execute arbitrary code with
the privileges of the user running GnomeMeeting.

Updated package have been patched to correct this issue.

Updated Packages

Corporate Server 3.0

 15e2472f2e41ab47d507cfb491d7a28d  corporate/3.0/i586/gnomemeeting-0.98.5-5.1.C30mdk.i586.rpm 
 0e1008ad8663cf490f7fe9bffddcf05c  corporate/3.0/SRPMS/gnomemeeting-0.98.5-5.1.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 dfb6e715109f6134a3a8497de10fa75e  corporate/3.0/x86_64/gnomemeeting-0.98.5-5.1.C30mdk.x86_64.rpm 
 0e1008ad8663cf490f7fe9bffddcf05c  corporate/3.0/SRPMS/gnomemeeting-0.98.5-5.1.C30mdk.src.rpm




To upgrade automatically, use MandrivaUpdate.


Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.