openoffice.org (1:3.2.0-7ubuntu4.2) lucid-security; urgency=low
* SECURITY UPDATE: multiple OpenOffice.org vulnerabilities.
- debian/patches/SA40775.diff: buffer overflow fixes from upstream,
patch thanks to Rene Engelhard (CVE-2010-2935, CVE-2010-2936).
- debian/patches/tread-invalid-path-segments-correctly.diff: directory
traversal fixes from upstream, patch thanks to Rene Engelhard
(CVE-2010-3450).
- debian/patches/cws-hb22.diff: multiple fixes from upstream, patch
thanks to Rene Engelhard.
- corrupt table model in RTF parser (CVE-2010-3451)
- SwRTFParser::ReadNumSecLevel (CVE-2010-3452)
- WW8ListManager::WW8ListManager (CVE-2010-3453)
- WW8DopTypography::ReadFromMem (CVE-2010-3454)
- LD_LIBRARY_PATH current directory injection (CVE-2010-3689)
- debian/patches/security-fixes-drom-cws-os145.diff: heap overflow in
PPT fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4253).
- debian/patches/security-fixes-from-cws-impress208.diff: heap overflow in
TGA fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4643).
Date: Tue, 25 Jan 2011 12:54:50 -0800
Changed-By: Kees Cook <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
https://launchpad.net/ubuntu/lucid/+source/openoffice.org/1:3.2.0-7ubuntu4.2
Format: 1.8
Date: Tue, 25 Jan 2011 12:54:50 -0800
Source: openoffice.org
Binary: openoffice.org broffice.org openoffice.org-l10n-za
openoffice.org-l10n-in openoffice.org-core openoffice.org-common
openoffice.org-java-common openoffice.org-writer openoffice.org-calc
openoffice.org-impress openoffice.org-draw openoffice.org-math
openoffice.org-base-core openoffice.org-base openoffice.org-style-crystal
openoffice.org-style-oxygen openoffice.org-style-industrial
openoffice.org-style-tango openoffice.org-style-human
openoffice.org-style-hicontrast openoffice.org-style-galaxy
openoffice.org-style-andromeda openoffice.org-gtk openoffice.org-gnome
openoffice.org-evolution openoffice.org-emailmerge python-uno
openoffice.org-officebean openoffice.org-filter-binfilter
openoffice.org-filter-mobiledev libmythes-dev
openoffice.org-dtd-officedocument1.0 uno-libs3 uno-libs3-dbg ure ure-dbg
openoffice.org-gcj cli-uno-bridge libuno-cli-basetypes1.0-cil
libuno-cli-uretypes1.0-cil libuno-cli-oootypes1.0-cil
libuno-cli-cppuhelper1.0-cil libuno-cli-ure1.0-cil mozilla-openoffice.org
openoffice.org-ogltrans openoffice.org-wiki-publisher
openoffice.org-report-builder openoffice.org-report-builder-bin
openoffice.org-presentation-minimizer openoffice.org-presenter-console
openoffice.org-pdfimport ttf-opensymbol openoffice.org-dev
openoffice.org-dev-doc openoffice.org-kde openoffice.org-kab
openoffice.org-sdbc-postgresql openoffice.org-mysql-connector
Architecture: source
Version: 1:3.2.0-7ubuntu4.2
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Kees Cook <[email protected]>
Description:
broffice.org - office productivity suite -- BrOffice.org branding
cli-uno-bridge - OpenOffice.org bindings for Mono CLI
libmythes-dev - simple thesaurus library -- development files
libuno-cli-basetypes1.0-cil - OpenOffice.org bindings for Mono CLI -- base
types
libuno-cli-cppuhelper1.0-cil - OpenOffice.org bindings for Mono CLI --
bootstrapping library
libuno-cli-oootypes1.0-cil - OpenOffice.org bindings for Mono CLI --
OpenOffice.org type libra
libuno-cli-ure1.0-cil - OpenOffice.org bindings for Mono CLI -- helper classes
libuno-cli-uretypes1.0-cil - OpenOffice.org bindings for Mono CLI -- URE type
library
mozilla-openoffice.org - office productivity suite -- Mozilla plugin
openoffice.org - office productivity suite
openoffice.org-base - office productivity suite -- database
openoffice.org-base-core - office productivity suite -- shared library
openoffice.org-calc - office productivity suite -- spreadsheet
openoffice.org-common - office productivity suite -- arch-independent files
openoffice.org-core - office productivity suite -- arch-dependent files
openoffice.org-dev - office productivity suite -- SDK
openoffice.org-dev-doc - office productivity suite -- SDK documentation
openoffice.org-draw - office productivity suite -- drawing
openoffice.org-dtd-officedocument1.0 - office productivity suite -- legacy 1.0
XML DTD
openoffice.org-emailmerge - office productivity suite -- email mail merge
openoffice.org-evolution - office productivity suite -- Evolution addressbook
support
openoffice.org-filter-binfilter - office productivity suite -- legacy filters
(e.g. StarOffice 5.2)
openoffice.org-filter-mobiledev - office productivity suite -- mobile devices
filters
openoffice.org-gcj - office productivity suite -- Java libraries for GIJ
openoffice.org-gnome - office productivity suite -- GNOME integration
openoffice.org-gtk - office productivity suite -- GTK+ integration
openoffice.org-impress - office productivity suite -- presentation
openoffice.org-java-common - office productivity suite -- arch-independent
Java support files
openoffice.org-kab - office productivity suite -- KDE adressbook support
openoffice.org-kde - office productivity suite -- KDE integration
openoffice.org-l10n-in - office productivity suite -- Indic language packages
openoffice.org-l10n-za - office productivity suite -- South African language
packages
openoffice.org-math - office productivity suite -- equation editor
openoffice.org-mysql-connector - MySQL Connector extension for OpenOffice.org
openoffice.org-officebean - office productivity suite -- Java bean
openoffice.org-ogltrans - OpenOffice.org Impress extension for transitions
using OpenGL
openoffice.org-pdfimport - OpenOffice.org extension for importing PDF documents
openoffice.org-presentation-minimizer - OpenOffice.org extension for
size-efficient presentations
openoffice.org-presenter-console - OpenOffice.org Impress extension for a
separate presenter's conso
openoffice.org-report-builder - OpenOffice.org extension for building database
reports
openoffice.org-report-builder-bin - OpenOffice.org extension for building
database reports -- librari
openoffice.org-sdbc-postgresql - OpenOffice.org extension for PostgreSQL SDBC
driver
openoffice.org-style-andromeda - office productivity suite -- Andromeda
(Classic) symbol style
openoffice.org-style-crystal - office productivity suite -- Crystal symbol
style
openoffice.org-style-galaxy - office productivity suite -- Galaxy (Default)
symbol style
openoffice.org-style-hicontrast - office productivity suite -- Hicontrast
symbol style
openoffice.org-style-human - Human symbol style for OpenOffice.org
openoffice.org-style-industrial - office productivity suite -- Industrial
symbol style
openoffice.org-style-oxygen - office productivity suite -- Oxygen symbol style
openoffice.org-style-tango - office productivity suite -- Tango symbol style
openoffice.org-wiki-publisher - OpenOffice.org extension for working with
MediaWiki articles
openoffice.org-writer - office productivity suite -- word processor
python-uno - Python-UNO bridge
ttf-opensymbol - OpenSymbol TrueType font
uno-libs3 - OpenOffice.org UNO runtime environment -- public shared libraries
uno-libs3-dbg - OpenOffice.org UNO runtime environment -- public shared
library d
ure - OpenOffice.org UNO runtime environment
ure-dbg - OpenOffice.org UNO runtime environment -- debug symbols
Changes:
openoffice.org (1:3.2.0-7ubuntu4.2) lucid-security; urgency=low
.
* SECURITY UPDATE: multiple OpenOffice.org vulnerabilities.
- debian/patches/SA40775.diff: buffer overflow fixes from upstream,
patch thanks to Rene Engelhard (CVE-2010-2935, CVE-2010-2936).
- debian/patches/tread-invalid-path-segments-correctly.diff: directory
traversal fixes from upstream, patch thanks to Rene Engelhard
(CVE-2010-3450).
- debian/patches/cws-hb22.diff: multiple fixes from upstream, patch
thanks to Rene Engelhard.
- corrupt table model in RTF parser (CVE-2010-3451)
- SwRTFParser::ReadNumSecLevel (CVE-2010-3452)
- WW8ListManager::WW8ListManager (CVE-2010-3453)
- WW8DopTypography::ReadFromMem (CVE-2010-3454)
- LD_LIBRARY_PATH current directory injection (CVE-2010-3689)
- debian/patches/security-fixes-drom-cws-os145.diff: heap overflow in
PPT fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4253).
- debian/patches/security-fixes-from-cws-impress208.diff: heap overflow in
TGA fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4643).
Checksums-Sha1:
334aa612012c2d148f58141307dd585004a20a3e 9853
openoffice.org_3.2.0-7ubuntu4.2.dsc
9eaaa3264aab025585bd7d2857b620b54a16dd2a 3682504
openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz
Checksums-Sha256:
6b7afe1607d1758bab237d3e3b802916707948d34263e30c83cbdd2e184b577c 9853
openoffice.org_3.2.0-7ubuntu4.2.dsc
99f2850219406521ba239a40ef951af7f256735d3a74b619c3d1dd00c7a50cba 3682504
openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz
Files:
f5a61256e0ec1076f60ddac053344b60 9853 editors optional
openoffice.org_3.2.0-7ubuntu4.2.dsc
270e5e5c16d43c83f501713f6be1252a 3682504 editors optional
openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz
Original-Maintainer: Debian OpenOffice Team <[email protected]>
--
Lucid-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/lucid-changes
