openoffice.org (1:3.2.0-7ubuntu4.2) lucid-security; urgency=low * SECURITY UPDATE: multiple OpenOffice.org vulnerabilities. - debian/patches/SA40775.diff: buffer overflow fixes from upstream, patch thanks to Rene Engelhard (CVE-2010-2935, CVE-2010-2936). - debian/patches/tread-invalid-path-segments-correctly.diff: directory traversal fixes from upstream, patch thanks to Rene Engelhard (CVE-2010-3450). - debian/patches/cws-hb22.diff: multiple fixes from upstream, patch thanks to Rene Engelhard. - corrupt table model in RTF parser (CVE-2010-3451) - SwRTFParser::ReadNumSecLevel (CVE-2010-3452) - WW8ListManager::WW8ListManager (CVE-2010-3453) - WW8DopTypography::ReadFromMem (CVE-2010-3454) - LD_LIBRARY_PATH current directory injection (CVE-2010-3689) - debian/patches/security-fixes-drom-cws-os145.diff: heap overflow in PPT fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4253). - debian/patches/security-fixes-from-cws-impress208.diff: heap overflow in TGA fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4643).
Date: Tue, 25 Jan 2011 12:54:50 -0800 Changed-By: Kees Cook <k...@ubuntu.com> Maintainer: Ubuntu Core Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/lucid/+source/openoffice.org/1:3.2.0-7ubuntu4.2
Format: 1.8 Date: Tue, 25 Jan 2011 12:54:50 -0800 Source: openoffice.org Binary: openoffice.org broffice.org openoffice.org-l10n-za openoffice.org-l10n-in openoffice.org-core openoffice.org-common openoffice.org-java-common openoffice.org-writer openoffice.org-calc openoffice.org-impress openoffice.org-draw openoffice.org-math openoffice.org-base-core openoffice.org-base openoffice.org-style-crystal openoffice.org-style-oxygen openoffice.org-style-industrial openoffice.org-style-tango openoffice.org-style-human openoffice.org-style-hicontrast openoffice.org-style-galaxy openoffice.org-style-andromeda openoffice.org-gtk openoffice.org-gnome openoffice.org-evolution openoffice.org-emailmerge python-uno openoffice.org-officebean openoffice.org-filter-binfilter openoffice.org-filter-mobiledev libmythes-dev openoffice.org-dtd-officedocument1.0 uno-libs3 uno-libs3-dbg ure ure-dbg openoffice.org-gcj cli-uno-bridge libuno-cli-basetypes1.0-cil libuno-cli-uretypes1.0-cil libuno-cli-oootypes1.0-cil libuno-cli-cppuhelper1.0-cil libuno-cli-ure1.0-cil mozilla-openoffice.org openoffice.org-ogltrans openoffice.org-wiki-publisher openoffice.org-report-builder openoffice.org-report-builder-bin openoffice.org-presentation-minimizer openoffice.org-presenter-console openoffice.org-pdfimport ttf-opensymbol openoffice.org-dev openoffice.org-dev-doc openoffice.org-kde openoffice.org-kab openoffice.org-sdbc-postgresql openoffice.org-mysql-connector Architecture: source Version: 1:3.2.0-7ubuntu4.2 Distribution: lucid-security Urgency: low Maintainer: Ubuntu Core Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Kees Cook <k...@ubuntu.com> Description: broffice.org - office productivity suite -- BrOffice.org branding cli-uno-bridge - OpenOffice.org bindings for Mono CLI libmythes-dev - simple thesaurus library -- development files libuno-cli-basetypes1.0-cil - OpenOffice.org bindings for Mono CLI -- base types libuno-cli-cppuhelper1.0-cil - OpenOffice.org bindings for Mono CLI -- bootstrapping library libuno-cli-oootypes1.0-cil - OpenOffice.org bindings for Mono CLI -- OpenOffice.org type libra libuno-cli-ure1.0-cil - OpenOffice.org bindings for Mono CLI -- helper classes libuno-cli-uretypes1.0-cil - OpenOffice.org bindings for Mono CLI -- URE type library mozilla-openoffice.org - office productivity suite -- Mozilla plugin openoffice.org - office productivity suite openoffice.org-base - office productivity suite -- database openoffice.org-base-core - office productivity suite -- shared library openoffice.org-calc - office productivity suite -- spreadsheet openoffice.org-common - office productivity suite -- arch-independent files openoffice.org-core - office productivity suite -- arch-dependent files openoffice.org-dev - office productivity suite -- SDK openoffice.org-dev-doc - office productivity suite -- SDK documentation openoffice.org-draw - office productivity suite -- drawing openoffice.org-dtd-officedocument1.0 - office productivity suite -- legacy 1.0 XML DTD openoffice.org-emailmerge - office productivity suite -- email mail merge openoffice.org-evolution - office productivity suite -- Evolution addressbook support openoffice.org-filter-binfilter - office productivity suite -- legacy filters (e.g. StarOffice 5.2) openoffice.org-filter-mobiledev - office productivity suite -- mobile devices filters openoffice.org-gcj - office productivity suite -- Java libraries for GIJ openoffice.org-gnome - office productivity suite -- GNOME integration openoffice.org-gtk - office productivity suite -- GTK+ integration openoffice.org-impress - office productivity suite -- presentation openoffice.org-java-common - office productivity suite -- arch-independent Java support files openoffice.org-kab - office productivity suite -- KDE adressbook support openoffice.org-kde - office productivity suite -- KDE integration openoffice.org-l10n-in - office productivity suite -- Indic language packages openoffice.org-l10n-za - office productivity suite -- South African language packages openoffice.org-math - office productivity suite -- equation editor openoffice.org-mysql-connector - MySQL Connector extension for OpenOffice.org openoffice.org-officebean - office productivity suite -- Java bean openoffice.org-ogltrans - OpenOffice.org Impress extension for transitions using OpenGL openoffice.org-pdfimport - OpenOffice.org extension for importing PDF documents openoffice.org-presentation-minimizer - OpenOffice.org extension for size-efficient presentations openoffice.org-presenter-console - OpenOffice.org Impress extension for a separate presenter's conso openoffice.org-report-builder - OpenOffice.org extension for building database reports openoffice.org-report-builder-bin - OpenOffice.org extension for building database reports -- librari openoffice.org-sdbc-postgresql - OpenOffice.org extension for PostgreSQL SDBC driver openoffice.org-style-andromeda - office productivity suite -- Andromeda (Classic) symbol style openoffice.org-style-crystal - office productivity suite -- Crystal symbol style openoffice.org-style-galaxy - office productivity suite -- Galaxy (Default) symbol style openoffice.org-style-hicontrast - office productivity suite -- Hicontrast symbol style openoffice.org-style-human - Human symbol style for OpenOffice.org openoffice.org-style-industrial - office productivity suite -- Industrial symbol style openoffice.org-style-oxygen - office productivity suite -- Oxygen symbol style openoffice.org-style-tango - office productivity suite -- Tango symbol style openoffice.org-wiki-publisher - OpenOffice.org extension for working with MediaWiki articles openoffice.org-writer - office productivity suite -- word processor python-uno - Python-UNO bridge ttf-opensymbol - OpenSymbol TrueType font uno-libs3 - OpenOffice.org UNO runtime environment -- public shared libraries uno-libs3-dbg - OpenOffice.org UNO runtime environment -- public shared library d ure - OpenOffice.org UNO runtime environment ure-dbg - OpenOffice.org UNO runtime environment -- debug symbols Changes: openoffice.org (1:3.2.0-7ubuntu4.2) lucid-security; urgency=low . * SECURITY UPDATE: multiple OpenOffice.org vulnerabilities. - debian/patches/SA40775.diff: buffer overflow fixes from upstream, patch thanks to Rene Engelhard (CVE-2010-2935, CVE-2010-2936). - debian/patches/tread-invalid-path-segments-correctly.diff: directory traversal fixes from upstream, patch thanks to Rene Engelhard (CVE-2010-3450). - debian/patches/cws-hb22.diff: multiple fixes from upstream, patch thanks to Rene Engelhard. - corrupt table model in RTF parser (CVE-2010-3451) - SwRTFParser::ReadNumSecLevel (CVE-2010-3452) - WW8ListManager::WW8ListManager (CVE-2010-3453) - WW8DopTypography::ReadFromMem (CVE-2010-3454) - LD_LIBRARY_PATH current directory injection (CVE-2010-3689) - debian/patches/security-fixes-drom-cws-os145.diff: heap overflow in PPT fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4253). - debian/patches/security-fixes-from-cws-impress208.diff: heap overflow in TGA fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4643). Checksums-Sha1: 334aa612012c2d148f58141307dd585004a20a3e 9853 openoffice.org_3.2.0-7ubuntu4.2.dsc 9eaaa3264aab025585bd7d2857b620b54a16dd2a 3682504 openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz Checksums-Sha256: 6b7afe1607d1758bab237d3e3b802916707948d34263e30c83cbdd2e184b577c 9853 openoffice.org_3.2.0-7ubuntu4.2.dsc 99f2850219406521ba239a40ef951af7f256735d3a74b619c3d1dd00c7a50cba 3682504 openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz Files: f5a61256e0ec1076f60ddac053344b60 9853 editors optional openoffice.org_3.2.0-7ubuntu4.2.dsc 270e5e5c16d43c83f501713f6be1252a 3682504 editors optional openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz Original-Maintainer: Debian OpenOffice Team <debian-openoff...@lists.debian.org>
-- Lucid-changes mailing list Lucid-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/lucid-changes