Package name
gnome-vfs2
Date
2005-04-20
Advisory ID
MDKSA-2005:074
Affected versions
10.2 x86_64 , 10.2 i586 , 10.1 i586 , CS3.0 x86_64 , CS3.0 i586 , 10.1 x86_64

Problem description

A buffer overflow bug was found by Joseph VanAndel in the way that grip handles data returned by CDDB servers. If a user connected to a malicious CDDB server, an attacker could execute arbitrary code on the user's machine. This same vulnerability is present in the gnome-vfs2 code. The updated packages have been patched to correct these issues.

Updated packages

10.2 x86_64

 aa889240e8867ec7289578036104c623  x86_64/10.2/RPMS/gnome-vfs2-2.8.4-6.1.102mdk.x86_64.rpm
e7224a715c8ea987c077adea71e29279  x86_64/10.2/RPMS/lib64gnome-vfs2_0-2.8.4-6.1.102mdk.x86_64.rpm
9e681bf74cb71e378e9eb1307159e2ce  x86_64/10.2/RPMS/lib64gnome-vfs2_0-devel-2.8.4-6.1.102mdk.x86_64.rpm
ea5d978ff12a70686c29fd84c461558a  x86_64/10.2/SRPMS/gnome-vfs2-2.8.4-6.1.102mdk.src.rpm

10.2 i586

 f60b317e9d82a64311e8fa76db389fea  10.2/RPMS/gnome-vfs2-2.8.4-6.1.102mdk.i586.rpm
83aaa09f41d650de8c216fca5eb1b854  10.2/RPMS/libgnome-vfs2_0-2.8.4-6.1.102mdk.i586.rpm
a74279c606173fd42e83e6507a7c206b  10.2/RPMS/libgnome-vfs2_0-devel-2.8.4-6.1.102mdk.i586.rpm
ea5d978ff12a70686c29fd84c461558a  10.2/SRPMS/gnome-vfs2-2.8.4-6.1.102mdk.src.rpm

10.1 i586

 5239e6ab9f4a24c2989ff2317c743cb0  10.1/RPMS/gnome-vfs2-2.6.2-7.1.101mdk.i586.rpm
08d6d7dcebd62773620441ef1c35eb58  10.1/RPMS/libgnome-vfs2_0-2.6.2-7.1.101mdk.i586.rpm
2a7241618cf989091dcf75e60e2a1041  10.1/RPMS/libgnome-vfs2_0-devel-2.6.2-7.1.101mdk.i586.rpm
765d4f62ab8e314a96e419b5c51d540b  10.1/SRPMS/gnome-vfs2-2.6.2-7.1.101mdk.src.rpm

CS3.0 x86_64

 5645d370f2a7b81c17bff2c70a4a91c0  x86_64/corporate/3.0/RPMS/gnome-vfs2-2.4.2-5.1.C30mdk.x86_64.rpm
b78fb0708a038607dbb1f3d970a13bff  x86_64/corporate/3.0/RPMS/lib64gnome-vfs2_0-2.4.2-5.1.C30mdk.x86_64.rpm
5afd9d1f2c4193d72a0b2780c011bbf7  x86_64/corporate/3.0/RPMS/lib64gnome-vfs2_0-devel-2.4.2-5.1.C30mdk.x86_64.rpm
03ba3b26530b88ca8c18fb41f9681018  x86_64/corporate/3.0/SRPMS/gnome-vfs2-2.4.2-5.1.C30mdk.src.rpm

CS3.0 i586

 216b2f6d3459328b757d03336da09d38  corporate/3.0/RPMS/gnome-vfs2-2.4.2-5.1.C30mdk.i586.rpm
af59a9db5ce5ededd91d3b6dff4e7c39  corporate/3.0/RPMS/libgnome-vfs2_0-2.4.2-5.1.C30mdk.i586.rpm
2d1516b9c4ff998116c1dac5dabe95a5  corporate/3.0/RPMS/libgnome-vfs2_0-devel-2.4.2-5.1.C30mdk.i586.rpm
03ba3b26530b88ca8c18fb41f9681018  corporate/3.0/SRPMS/gnome-vfs2-2.4.2-5.1.C30mdk.src.rpm

10.1 x86_64

 4251d3ab183bbfbd0ef4a79b65740004  x86_64/10.1/RPMS/gnome-vfs2-2.6.2-7.1.101mdk.x86_64.rpm
c2b54afacf29f7148561a3e7f8bc3695  x86_64/10.1/RPMS/lib64gnome-vfs2_0-2.6.2-7.1.101mdk.x86_64.rpm
8c64c5379d83bf9e001617bae1935376  x86_64/10.1/RPMS/lib64gnome-vfs2_0-devel-2.6.2-7.1.101mdk.x86_64.rpm
765d4f62ab8e314a96e419b5c51d540b  x86_64/10.1/SRPMS/gnome-vfs2-2.6.2-7.1.101mdk.src.rpm

References