This is an automated email from the ASF dual-hosted git repository. marcus pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/openoffice-org.git
The following commit(s) were added to refs/heads/main by this push: new e6ffcd0fc9 Security Bulletin for the Apache OpenOffice 4.1.14 Release e6ffcd0fc9 is described below commit e6ffcd0fc9c81db01729ce763077ddd586ba150a Author: Marcus <mar...@apache.org> AuthorDate: Fri Mar 17 12:42:21 2023 +0100 Security Bulletin for the Apache OpenOffice 4.1.14 Release --- content/security/cves/CVE-2022-38745.html | 85 ++++++++++++++++++++++++++++++ content/security/cves/CVE-2022-40674.html | 74 ++++++++++++++++++++++++++ content/security/cves/CVE-2022-47502.html | 87 +++++++++++++++++++++++++++++++ 3 files changed, 246 insertions(+) diff --git a/content/security/cves/CVE-2022-38745.html b/content/security/cves/CVE-2022-38745.html new file mode 100644 index 0000000000..32960664bf --- /dev/null +++ b/content/security/cves/CVE-2022-38745.html @@ -0,0 +1,85 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <title>CVE-2022-38745</title> + </head> + + <body> + <p> + <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-38745">CVE-2022-38745</a> + </p> + <p> + <a href="https://www.openoffice.org/security/cves/CVE-2022-38745.html">Apache OpenOffice Advisory</a> + </p> + <p style="text-align:center; font-size:largest"> + <strong>An empty class path may lead to run arbitrary Java code</strong> + </p> + <p style="text-align:center; font-size:larger"> + <strong>Fixed in Apache OpenOffice 4.1.14</strong> + </p> + <p> + <strong>Description</strong> + </p> + <p> + It is possible to configure Apache OpenOffice so that it launches the JVM giving an empty class path, + that means: "load classes from the current directory". This may lead to run arbitrary Java code. + </p> + <p> + <strong>Severity: Moderate</strong> + </p> + <p> + There are no known exploits of this vulnerability. + <br /> + A proof-of-concept demonstration does not exist. + </p> + <p> + Thanks to the reporter for discovering this issue. + </p> + <p> + <strong>Vendor: The Apache Software Foundation</strong> + </p> + <p> + <strong>Versions Affected</strong> + </p> + <p> + All Apache OpenOffice versions 4.1.13 and older are affected. + <br /> + OpenOffice.org versions may also be affected. + </p> + <p> + <strong>Mitigation</strong> + </p> + <p> + Install Apache OpenOffice 4.1.14 for the latest maintenance and cumulative security fixes. + Use the Apache OpenOffice <a href="https://www.openoffice.org/download/"> download page</a>. + </p> + <p> + <strong>Acknowledgments</strong> + </p> + <p> + The Apache OpenOffice Security Team would like to thank ? for discovering and reporting this + attack vector. + </p> + <p> + <strong>Further Information</strong> + </p> + <p> + For additional information and assistance, consult the + <a href="https://forum.openoffice.org/">Apache OpenOffice Community Forums</a> + or make requests to the + <a href="mailto:us...@openoffice.apache.org">us...@openoffice.apache.org</a> + public mailing list. + </p> + <p> + The latest information on Apache OpenOffice security bulletins can be found at the + <a href="https://www.openoffice.org/security/bulletin.html">Bulletin Archive page</a>. + </p> + <hr /> + <p> + <a href="https://security.openoffice.org">Security Home</a>-> + <a href="https://www.openoffice.org/security/bulletin.html">Bulletin</a>-> + <a href="https://www.openoffice.org/security/cves/CVE-2022-38745.html">CVE-2022-38745</a> + </p> + </body> +</html> diff --git a/content/security/cves/CVE-2022-40674.html b/content/security/cves/CVE-2022-40674.html new file mode 100644 index 0000000000..3ffd30dde7 --- /dev/null +++ b/content/security/cves/CVE-2022-40674.html @@ -0,0 +1,74 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <title>CVE-2022-40674</title> + </head> + + <body> + <p> + <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-40674">CVE-2022-40674</a> + </p> + <p> + <a href="https://www.openoffice.org/security/cves/CVE-2022-40674.html">Apache OpenOffice Advisory</a> + </p> + <p style="text-align:center; font-size:largest"> + <strong>"Use after free" fixed in expat >= 2.4.9</strong> + </p> + <p style="text-align:center; font-size:larger"> + <strong>Fixed in Apache OpenOffice 4.1.14</strong> + </p> + <p> + <strong>Description</strong> + </p> + <p> + libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. + </p> + <p> + <strong>Severity: Moderate</strong> + </p> + <p> + There are no known exploits of this vulnerability. + <br /> + A proof-of-concept demonstration does not exist. + </p> + <p> + <strong>Vendor: The Apache Software Foundation</strong> + </p> + <p> + <strong>Versions Affected</strong> + </p> + <p> + All Apache OpenOffice versions 4.1.13 and older are affected. + <br /> + OpenOffice.org versions may also be affected. + </p> + <p> + <strong>Mitigation</strong> + </p> + <p> + Install Apache OpenOffice 4.1.14 for the latest maintenance and cumulative security fixes. + Use the Apache OpenOffice <a href="https://www.openoffice.org/download/"> download page</a>. + </p> + <p> + <strong>Further Information</strong> + </p> + <p> + For additional information and assistance, consult the + <a href="https://forum.openoffice.org/">Apache OpenOffice Community Forums</a> + or make requests to the + <a href="mailto:us...@openoffice.apache.org">us...@openoffice.apache.org</a> + public mailing list. + </p> + <p> + The latest information on Apache OpenOffice security bulletins can be found at the + <a href="https://www.openoffice.org/security/bulletin.html">Bulletin Archive page</a>. + </p> + <hr /> + <p> + <a href="https://security.openoffice.org">Security Home</a>-> + <a href="https://www.openoffice.org/security/bulletin.html">Bulletin</a>-> + <a href="https://www.openoffice.org/security/cves/CVE-2022-40674.html">CVE-2022-40674</a> + </p> + </body> +</html> diff --git a/content/security/cves/CVE-2022-47502.html b/content/security/cves/CVE-2022-47502.html new file mode 100644 index 0000000000..fc73c7a6e5 --- /dev/null +++ b/content/security/cves/CVE-2022-47502.html @@ -0,0 +1,87 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <title>CVE-2022-47502</title> + </head> + + <body> + <p> + <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-47502">CVE-2022-47502</a> + </p> + <p> + <a href="https://www.openoffice.org/security/cves/CVE-2022-47502.html">Apache OpenOffice Advisory</a> + </p> + <p style="text-align:center; font-size:largest"> + <strong>Macro URL arbitrary script execution without warning</strong> + </p> + <p style="text-align:center; font-size:larger"> + <strong>Fixed in Apache OpenOffice 4.1.14</strong> + </p> + <p> + <strong>Description</strong> + </p> + <p> + Apache OpenOffice supports Office URI Schemes to enable browser integration of Apache OpenOffice with + MS SharePoint server. In the affected versions links could be constructed to call internal macros + with arbitrary arguments. Which when clicked on, or activated by document events, could result in + arbitrary script execution without warning. + </p> + <p> + <strong>Severity: Moderate</strong> + </p> + <p> + There are no known exploits of this vulnerability. + <br /> + A proof-of-concept demonstration exists. + </p> + <p> + Thanks to the reporter for discovering this issue. + </p> + <p> + <strong>Vendor: The Apache Software Foundation</strong> + </p> + <p> + <strong>Versions Affected</strong> + </p> + <p> + All Apache OpenOffice versions 4.1.13 and older are affected. + <br /> + OpenOffice.org versions may also be affected. + </p> + <p> + <strong>Mitigation</strong> + </p> + <p> + Install Apache OpenOffice 4.1.14 for the latest maintenance and cumulative security fixes. + Use the Apache OpenOffice <a href="https://www.openoffice.org/download/"> download page</a>. + </p> + <p> + <strong>Acknowledgments</strong> + </p> + <p> + The Apache OpenOffice Security Team would like to thank Altin Thartori (tin-z) for discovering and + reporting this attack vector. + </p> + <p> + <strong>Further Information</strong> + </p> + <p> + For additional information and assistance, consult the + <a href="https://forum.openoffice.org/">Apache OpenOffice Community Forums</a> + or make requests to the + <a href="mailto:us...@openoffice.apache.org">us...@openoffice.apache.org</a> + public mailing list. + </p> + <p> + The latest information on Apache OpenOffice security bulletins can be found at the + <a href="https://www.openoffice.org/security/bulletin.html">Bulletin Archive page</a>. + </p> + <hr /> + <p> + <a href="https://security.openoffice.org">Security Home</a>-> + <a href="https://www.openoffice.org/security/bulletin.html">Bulletin</a>-> + <a href="https://www.openoffice.org/security/cves/CVE-2022-47502.html">CVE-2022-47502</a> + </p> + </body> +</html>