gnomemeeting security update

2007-02-20T12:35:03
ID CESA-2007:0086
Type centos
Reporter CentOS Project
Modified 2007-02-21T17:31:46

Description

CentOS Errata and Security Advisory CESA-2007:0086

GnomeMeeting is a tool to communicate with video and audio over the Internet.

A format string flaw was found in the way GnomeMeeting processes certain messages. If a user is running GnomeMeeting, a remote attacker who can connect to GnomeMeeting could trigger this flaw and potentially execute arbitrary code with the privileges of the user. (CVE-2007-1007)

Users of GnomeMeeting should upgrade to these updated packages which contain a backported patch to correct this issue.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2007-February/013549.html http://lists.centos.org/pipermail/centos-announce/2007-February/013550.html http://lists.centos.org/pipermail/centos-announce/2007-February/013551.html http://lists.centos.org/pipermail/centos-announce/2007-February/013552.html http://lists.centos.org/pipermail/centos-announce/2007-February/013553.html http://lists.centos.org/pipermail/centos-announce/2007-February/013554.html http://lists.centos.org/pipermail/centos-announce/2007-February/013556.html http://lists.centos.org/pipermail/centos-announce/2007-February/013557.html

Affected packages: gnomemeeting

Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0086.html