Bug#413280: gnomemeeting: Format string vulnerabilities
Moritz Muehlenhoff
jmm at debian.org
Sat Mar 3 23:04:16 UTC 2007
Package: gnomemeeting
Severity: grave
Tags: security
Justification: user security hole
While fixed for Ekiga, GnomeMeeting is still affected by unauthenticated,
remote format string flaws. I'm attaching the patch I used for stable,
but the proper fix is probably to remove gnomemeeting from Etch:
Why is gnomemeeting still in etch along with the new name Ekiga?
We can't support an arbitrary number of old packages just because
they have been renamed at some point in time; our archive it already
way too big.
Cheers,
Moritz
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15 at euro (charmap=ISO-8859-15)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 99_security-CVE-2007-1006.dpatch
Type: application/x-shellscript
Size: 6378 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20070303/0b91cdcb/99_security-CVE-2007-1006.bin
More information about the Pkg-voip-maintainers
mailing list