Your message dated Fri, 15 Apr 2005 17:21:35 +0100 with message-id <[EMAIL PROTECTED]> and subject line Bug#304808: openoffice.org: Security vulnerability in opening .doc files has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -------------------------------------- Received: (at submit) by bugs.debian.org; 15 Apr 2005 15:44:07 +0000 >From [EMAIL PROTECTED] Fri Apr 15 08:44:06 2005 Return-path: <[EMAIL PROTECTED]> Received: from sal.ahpcrc.org [144.34.1.1] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DMSzG-0001kt-00; Fri, 15 Apr 2005 08:44:06 -0700 Received: from ahpcrc.org (mycroft.ahpcrc.org [144.34.9.34]) by sal.ahpcrc.org (Postfix) with ESMTP id 3481872E9 for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 10:44:04 -0500 (CDT) Received: from localhost (localhost [127.0.0.1]) by ahpcrc.org (Postfix) with ESMTP id 555DDAB0A0 for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 10:44:04 -0500 (CDT) Received: from ahpcrc.org ([127.0.0.1]) by localhost (mycroft.ahpcrc.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 32594-02 for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 10:44:01 -0500 (CDT) Received: from testfai.ncs.ahpcrc.org (testfai.ncs.ahpcrc.org [144.34.33.121]) by ahpcrc.org (Postfix) with ESMTP id 93BCDAB09F for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 10:44:01 -0500 (CDT) Received: by testfai.ncs.ahpcrc.org (Postfix, from userid 2434) id CECA04E00FC; Fri, 15 Apr 2005 10:44:01 -0500 (CDT) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Jay Kline <[EMAIL PROTECTED]> To: Debian Bug Tracking System <[EMAIL PROTECTED]> Subject: openoffice.org: Security vulnerability in opening .doc files X-Mailer: reportbug 3.8 Date: Fri, 15 Apr 2005 10:44:01 -0500 Message-Id: <[EMAIL PROTECTED]> X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at ahpcrc.org Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: Package: openoffice.org Version: 1.1.3-7 Severity: grave Tags: security patch Justification: user security hole Recently, SecurityFocus announced a vulnerability in OpenOffice version 1.1.4 and all prior versions. (http://www.securityfocus.com/archive/1/395516) This allows a mallicous DOC file to execute arbatrary code as the user running openoffice. A patch has been posted for version 1.1.4, but no patch exists for 1.1.3- users are recomended to upgrade. See http://download.openoffice.org/1.1.4/security_patch.html for details and the patch provided. - -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.29-1-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages openoffice.org depends on: ii dictionaries-common [openoffi 0.24.10 Common utilities for spelling dict ii openoffice.org-bin 1.1.3-7 OpenOffice.org office suite binary ii openoffice.org-debian-files 1.1.3-5+1 Debian specific parts of OpenOffic ii openoffice.org-l10n-en [openo 1.1.3-7 English (US) language package for ii ttf-opensymbol 1.1.3-7 The OpenSymbol TrueType font -- no debconf information --------------------------------------- Received: (at 304808-close) by bugs.debian.org; 15 Apr 2005 16:21:42 +0000 >From [EMAIL PROTECTED] Fri Apr 15 09:21:42 2005 Return-path: <[EMAIL PROTECTED]> Received: from moutng.kundenserver.de [212.227.126.186] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1DMTZd-0005ZE-00; Fri, 15 Apr 2005 09:21:41 -0700 Received: from i-83-67-20-196.freedom2surf.net[83.67.20.196] (helo=feathers.thehalls.de) by mrelayeu.kundenserver.de with ESMTP (Nemesis), id 0MKwtQ-1DMTZc2e5H-0001D7; Fri, 15 Apr 2005 18:21:40 +0200 Received: by feathers.thehalls.de (Postfix, from userid 1050) id AF1538009; Fri, 15 Apr 2005 17:21:36 +0100 (BST) From: Chris Halls <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: Bug#304808: openoffice.org: Security vulnerability in opening .doc files Date: Fri, 15 Apr 2005 17:21:35 +0100 User-Agent: KMail/1.7.2 References: <[EMAIL PROTECTED]> In-Reply-To: <[EMAIL PROTECTED]> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <[EMAIL PROTECTED]> X-Provags-ID: kundenserver.de [EMAIL PROTECTED] login:b46e2b357ea7d4f6cadf4c99fb902606 Delivered-To: [EMAIL PROTECTED] X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: On Friday 15 Apr 2005 16:44, Jay Kline wrote: > Package: openoffice.org > Version: 1.1.3-7 Already fixed in 1.1.3-9, thanks -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]