Martin Schulze schreef: > -------------------------------------------------------------------------- > Debian Security Advisory DSA 1246-1 [EMAIL PROTECTED] > http://www.debian.org/security/ Martin Schulze > January 8th, 2007 http://www.debian.org/security/faq > -------------------------------------------------------------------------- > > Package : openoffice.org > Vulnerability : buffer overflow > Problem type : local (remote) > Debian-specific: no > CVE ID : CVE-2006-5870 > Debian Bug : 405679 405986 > > John Heasman from Next Generation Security Software discovered a heap > overflow in the handling of Windows Metafiles in OpenOffice.org, the > free office suite, which could lead to a denial of service and > potentially execution of arbitrary code. > > For the stable distribution (sarge) this problem has been fixed in > version 1.1.3-9sarge4. > > For the unstable distribution (sid) this problem has been fixed in > version 2.0.4-1. > > We recommend that you upgrade your openofffice.org package.
Why is there nothing for Etch? http://people.debian.org/~terpstra/message/20061224.090602.027e7771.en.html ---------- There are also good news. One of them is that the security team told us that we now have security support for Etch (and also that Etch has been in a good status for some time now regarding security). ---------- With regards, Paul. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
