Synopsis: Moderate: gnome-vfs2 security update Issue date: 2009-01-07 CVE Names: CVE-2005-0706 A buffer overflow flaw was discovered in the GNOME virtual file system when handling data returned by CDDB servers. If a user connected to a malicious CDDB server, an attacker could use this flaw to execute arbitrary code on the victim's machine. (CVE-2005-0706) All running GNOME sessions must be restarted for the update to take effect. SL 3.0.x SRPMS: gnome-vfs2-2.2.5-2E.3.3.src.rpm i386: gnome-vfs2-2.2.5-2E.3.3.i386.rpm gnome-vfs2-devel-2.2.5-2E.3.3.i386.rpm x86_64: gnome-vfs2-2.2.5-2E.3.3.i386.rpm gnome-vfs2-2.2.5-2E.3.3.x86_64.rpm gnome-vfs2-devel-2.2.5-2E.3.3.x86_64.rpm SL 4.x SRPMS: gnome-vfs2-2.8.2-8.7.el4_7.2.src.rpm i386: gnome-vfs2-2.8.2-8.7.el4_7.2.i386.rpm gnome-vfs2-devel-2.8.2-8.7.el4_7.2.i386.rpm gnome-vfs2-smb-2.8.2-8.7.el4_7.2.i386.rpm x86_64: gnome-vfs2-2.8.2-8.7.el4_7.2.i386.rpm gnome-vfs2-2.8.2-8.7.el4_7.2.x86_64.rpm gnome-vfs2-devel-2.8.2-8.7.el4_7.2.x86_64.rpm gnome-vfs2-smb-2.8.2-8.7.el4_7.2.x86_64.rpm -Connie Sieh -Troy Dawson