Your message dated Fri, 15 Apr 2005 17:21:35 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#304808: openoffice.org: Security vulnerability in opening
.doc files
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 15 Apr 2005 15:44:07 +0000
>From [EMAIL PROTECTED] Fri Apr 15 08:44:06 2005
Return-path: <[EMAIL PROTECTED]>
Received: from sal.ahpcrc.org [144.34.1.1]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DMSzG-0001kt-00; Fri, 15 Apr 2005 08:44:06 -0700
Received: from ahpcrc.org (mycroft.ahpcrc.org [144.34.9.34])
by sal.ahpcrc.org (Postfix) with ESMTP id 3481872E9
for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 10:44:04 -0500 (CDT)
Received: from localhost (localhost [127.0.0.1])
by ahpcrc.org (Postfix) with ESMTP id 555DDAB0A0
for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 10:44:04 -0500 (CDT)
Received: from ahpcrc.org ([127.0.0.1])
by localhost (mycroft.ahpcrc.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 32594-02 for <[EMAIL PROTECTED]>;
Fri, 15 Apr 2005 10:44:01 -0500 (CDT)
Received: from testfai.ncs.ahpcrc.org (testfai.ncs.ahpcrc.org [144.34.33.121])
by ahpcrc.org (Postfix) with ESMTP id 93BCDAB09F
for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 10:44:01 -0500 (CDT)
Received: by testfai.ncs.ahpcrc.org (Postfix, from userid 2434)
id CECA04E00FC; Fri, 15 Apr 2005 10:44:01 -0500 (CDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Jay Kline <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: openoffice.org: Security vulnerability in opening .doc files
X-Mailer: reportbug 3.8
Date: Fri, 15 Apr 2005 10:44:01 -0500
Message-Id: <[EMAIL PROTECTED]>
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at ahpcrc.org
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: openoffice.org
Version: 1.1.3-7
Severity: grave
Tags: security patch
Justification: user security hole
Recently, SecurityFocus announced a vulnerability in OpenOffice version
1.1.4 and all prior versions. (http://www.securityfocus.com/archive/1/395516)
This allows a mallicous DOC file to execute arbatrary code as the user
running openoffice. A patch has been posted for version 1.1.4, but no
patch exists for 1.1.3- users are recomended to upgrade.
See http://download.openoffice.org/1.1.4/security_patch.html for details
and the patch provided.
-
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.29-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages openoffice.org depends on:
ii dictionaries-common [openoffi 0.24.10 Common utilities for spelling dict
ii openoffice.org-bin 1.1.3-7 OpenOffice.org office suite binary
ii openoffice.org-debian-files 1.1.3-5+1 Debian specific parts of OpenOffic
ii openoffice.org-l10n-en [openo 1.1.3-7 English (US) language package for
ii ttf-opensymbol 1.1.3-7 The OpenSymbol TrueType font
-- no debconf information
---------------------------------------
Received: (at 304808-close) by bugs.debian.org; 15 Apr 2005 16:21:42 +0000
>From [EMAIL PROTECTED] Fri Apr 15 09:21:42 2005
Return-path: <[EMAIL PROTECTED]>
Received: from moutng.kundenserver.de [212.227.126.186]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DMTZd-0005ZE-00; Fri, 15 Apr 2005 09:21:41 -0700
Received: from i-83-67-20-196.freedom2surf.net[83.67.20.196]
(helo=feathers.thehalls.de)
by mrelayeu.kundenserver.de with ESMTP (Nemesis),
id 0MKwtQ-1DMTZc2e5H-0001D7; Fri, 15 Apr 2005 18:21:40 +0200
Received: by feathers.thehalls.de (Postfix, from userid 1050)
id AF1538009; Fri, 15 Apr 2005 17:21:36 +0100 (BST)
From: Chris Halls <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Bug#304808: openoffice.org: Security vulnerability in opening .doc
files
Date: Fri, 15 Apr 2005 17:21:35 +0100
User-Agent: KMail/1.7.2
References: <[EMAIL PROTECTED]>
In-Reply-To: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <[EMAIL PROTECTED]>
X-Provags-ID: kundenserver.de [EMAIL PROTECTED]
login:b46e2b357ea7d4f6cadf4c99fb902606
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
On Friday 15 Apr 2005 16:44, Jay Kline wrote:
> Package: openoffice.org
> Version: 1.1.3-7
Already fixed in 1.1.3-9, thanks
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
