Bug#304808: openoffice.org: Security vulnerability in opening .doc files
Package: openoffice.org
Version: 1.1.3-7
Severity: grave
Tags: security patch
Justification: user security hole
Recently, SecurityFocus announced a vulnerability in OpenOffice version
1.1.4 and all prior versions. (http://www.securityfocus.com/archive/1/395516)
This allows a mallicous DOC file to execute arbatrary code as the user
running openoffice. A patch has been posted for version 1.1.4, but no
patch exists for 1.1.3- users are recomended to upgrade.
See http://download.openoffice.org/1.1.4/security_patch.html for details
and the patch provided.
-
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.29-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages openoffice.org depends on:
ii dictionaries-common [openoffi 0.24.10 Common utilities for spelling dict
ii openoffice.org-bin 1.1.3-7 OpenOffice.org office suite binary
ii openoffice.org-debian-files 1.1.3-5+1 Debian specific parts of OpenOffic
ii openoffice.org-l10n-en [openo 1.1.3-7 English (US) language package for
ii ttf-opensymbol 1.1.3-7 The OpenSymbol TrueType font
-- no debconf information
Reply to: