Rene Engelhard uploaded a new package for openoffice.org which fixed the following security problem: CVE-2010-0395 It was discovered that OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft(R) Office, is not properly handling python macros embedded in an office document. This allows an attacker to perform user-assisted execution of arbitrary code in certain use cases of the python macro viewer component. For the lenny-backports distribution, these problems have been fixed in version 1:3.2.0-11~bpo50+1. pgrade instructions --------------------- If you don't use pinning (see [1]) you have to update openoffice.org manually via "apt-get -t lenny-backports install openoffice.org". [1] <http://backports.org/dokuwiki/doku.php?id=instructions> We recommend to pin the backports repository to 200 so that new versions of installed backports will be installed automatically: Package: * Pin: release a=lenny-backports Pin-Priority: 200
Attachment:
signature.asc
Description: Digital signature