Your message dated Wed, 20 Apr 2005 02:00:19 -0700 with message-id <[EMAIL PROTECTED]> and subject line CAN-2005-0941: "OpenOffice DOC document Heap Overflow" has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -------------------------------------- Received: (at submit) by bugs.debian.org; 12 Apr 2005 22:38:51 +0000 >From [EMAIL PROTECTED] Tue Apr 12 15:38:51 2005 Return-path: <[EMAIL PROTECTED]> Received: from imap.gmx.net (mail.gmx.net) [213.165.64.20] by spohr.debian.org with smtp (Exim 3.35 1 (Debian)) id 1DLU1z-00053D-00; Tue, 12 Apr 2005 15:38:51 -0700 Received: (qmail invoked by alias); 12 Apr 2005 22:38:19 -0000 Received: from dsl-084-056-110-083.arcor-ip.net (EHLO localhost) [84.56.110.83] by mail.gmx.net (mp002) with SMTP; 13 Apr 2005 00:38:19 +0200 X-Authenticated: #1545045 Received: by localhost (Postfix, from userid 1000) id 3E4986A1F0; Wed, 13 Apr 2005 00:38:16 +0200 (CEST) Date: Wed, 13 Apr 2005 00:38:16 +0200 From: Rene Engelhard <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: CAN-2005-0941: "OpenOffice DOC document Heap Overflow" Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cWoXeonUoKmBZSoM" Content-Disposition: inline X-Reportbug-Version: 3.9 X-PGP-Key: 248AEB73 X-PGP-Fingerprint: 41FA F208 28D4 7CA5 19BB 7AD9 F859 90B0 248A EB73 User-Agent: Mutt/1.5.9i X-Y-GMX-Trusted: 0 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: --cWoXeonUoKmBZSoM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Package: openoffice.org Version: 1.1.3-8 Severity: grave Justification: user security hole Tags: sarge sid experimental pending =66rom full-disclosure (http://archives.neohapsis.com/archives/fulldisclosu= re/2005-04/0218.html): OpenOffice DOC document Heap Overflow [Security Advisory] Advisory:[AD_LAB-05001] OpenOffice DOC document Heap Overflow Class: Design Error DATE:30/3/2005 CVEID:CAN-2005-0941 Vulnerable: <=3DOpenOffice OpenOffice 1.1.4 -OpenOffice OpenOffice 2.0dev Unvulnerable: Unknow Vendor: www.openoffice.org I.DESCRIPTION: - ------------- OpenOffice.org is an office productivity suite, including word processing, spreadsheets, presentations, drawings, data charting, formula editing, and file conversion facilities. The vulnerability is caused due to a error within the .Doc document header processing.This can be exploited to cause a heap-based buffer overflow.=20 [...] -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable'), (400, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=3DISO-8859-15) Versions of packages openoffice.org depends on: ii dictionaries-common [openoffi 0.25.4 Common utilities for spelling = dict ii openoffice.org-bin 1.1.3-8 OpenOffice.org office suite bi= nary ii openoffice.org-debian-files 1.1.3-8+1 Debian specific parts of OpenO= ffic ii openoffice.org-l10n-de [openo 1.1.3-8 German language package for Op= enOf ii openoffice.org-l10n-en [openo 1.1.3-8 English (US) language package = for=20 ii ttf-opensymbol 1.1.3-8 The OpenSymbol TrueType font ii xml-core 0.09 XML infrastructure and XML cat= alog -- no debconf information --cWoXeonUoKmBZSoM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFCXE3Y+FmQsCSK63MRAhJIAJ9RvzELacwAKTI4SaAJnoKRbc46FgCfT2cS T82ElwiAVBKKHvwDTvgTggA= =//v+ -----END PGP SIGNATURE----- --cWoXeonUoKmBZSoM-- --------------------------------------- Received: (at 304412-done) by bugs.debian.org; 20 Apr 2005 09:00:19 +0000 >From [EMAIL PROTECTED] Wed Apr 20 02:00:19 2005 Return-path: <[EMAIL PROTECTED]> Received: from dsl093-039-086.pdx1.dsl.speakeasy.net (localhost.localdomain) [66.93.39.86] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DOB4F-0003KY-00; Wed, 20 Apr 2005 02:00:19 -0700 Received: by localhost.localdomain (Postfix, from userid 1000) id 3BA05172A57; Wed, 20 Apr 2005 02:00:19 -0700 (PDT) Date: Wed, 20 Apr 2005 02:00:19 -0700 From: Steve Langasek <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: CAN-2005-0941: "OpenOffice DOC document Heap Overflow" Message-ID: <[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="eAbsdosE1cNLO4uF" Content-Disposition: inline User-Agent: Mutt/1.5.6+20040907i Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: --eAbsdosE1cNLO4uF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi all, OOo 1.1.3-9 has been built on all architectures now, and (barring any sudden new uploads of the package between now and dinstall) will make its way into testing tomorrow. Cheers, --=20 Steve Langasek postmodern programmer --eAbsdosE1cNLO4uF Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFCZhoeKN6ufymYLloRAkj1AKDDRrS3uxP+MNkKWIHamrY8LkFp3wCgxDh0 R+KqIRPny5km/MBIUXsI76M= =DvfO -----END PGP SIGNATURE----- --eAbsdosE1cNLO4uF-- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]