RedHat Security Advisory RHSA-2009:0005

The remote host is missing updates announced in advisory RHSA-2009:0005. GNOME VFS is the GNOME virtual file system. It provides a modular architecture and ships with several modules that implement support for various local and remote file systems as well as numerous protocols, including HTTP, FTP, and others. A buffer overflow flaw was discovered in the GNOME virtual file system when handling data returned by CDDB servers. If a user connected to a malicious CDDB server, an attacker could use this flaw to execute arbitrary code on the victim's machine. (CVE-2005-0706) Users of gnome-vfs and gnome-vfs2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running GNOME sessions must be restarted for the update to take effect.

Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date