Bug#309749: marked as done (openoffice.org: Heap overflow)
Your message dated Thu, 19 May 2005 22:28:55 +0200
with message-id <20050519202855.GA20129@rene-engelhard.de>
and subject line fixed in 1.1.3-9
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 19 May 2005 10:19:08 +0000
>From paul@vandervlis.nl Thu May 19 03:19:08 2005
Return-path: <paul@vandervlis.nl>
Received: from server.vandervlis.nl [194.109.241.246]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DYi7P-0004v4-00; Thu, 19 May 2005 03:19:08 -0700
Received: from localhost (localhost [127.0.0.1])
by server.vandervlis.nl (Postfix) with ESMTP
id D17DB77E9F; Thu, 19 May 2005 12:19:08 +0200 (CEST)
Received: from [127.0.0.1] (vlis [192.168.0.33])
by server.vandervlis.nl (Postfix) with ESMTP
id CE8B177E91; Thu, 19 May 2005 12:19:07 +0200 (CEST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Paul van der Vlis <paul@vandervlis.nl>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: openoffice.org: Heap overflow
X-Mailer: reportbug 3.9
Date: Thu, 19 May 2005 12:22:56 +0200
Message-Id: <[🔎] 20050519101907.CE8B177E91@server.vandervlis.nl>
X-Virus-Scanned: by AMaViS snapshot-20020531
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: openoffice.org
Version: 1.1.3-8
Severity: grave
Justification: user security hole
The security update fixes a buffer overflow in OpenOffice_org
Microsoft Word document reader which could allow a remote attacker
sending a handcrafted .doc file to execute code as the user
opening the document in OpenOffice.
This is tracked by the Mitre CVE ID CAN-2005-0941.
http://download.openoffice.org/1.1.4/security_patch.html
http://www.securityfocus.com/archive/1/395516
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=nl_NL@euro, LC_CTYPE=nl_NL@euro (charmap=ISO-8859-15)
Versions of packages openoffice.org depends on:
ii dictionaries-common [openoffi 0.25.3 Common utilities for spelling dict
ii openoffice.org-bin 1.1.3-8 OpenOffice.org office suite binary
ii openoffice.org-debian-files 1.1.3-8+1 Debian specific parts of OpenOffic
ii openoffice.org-l10n-de [openo 1.1.3-8 German language package for OpenOf
ii openoffice.org-l10n-en [openo 1.1.3-8 English (US) language package for
ii openoffice.org-l10n-es [openo 1.1.3-8 Spanish language package for OpenO
ii openoffice.org-l10n-nl [openo 1.1.3-8 Dutch language package for OpenOff
ii ttf-opensymbol 1.1.3-8 The OpenSymbol TrueType font
ii xml-core 0.09 XML infrastructure and XML catalog
-- no debconf information
---------------------------------------
Received: (at 309749-done) by bugs.debian.org; 19 May 2005 20:29:36 +0000
>From rene.engelhard@gmx.de Thu May 19 13:29:36 2005
Return-path: <rene.engelhard@gmx.de>
Received: from pop.gmx.de (mail.gmx.net) [213.165.64.20]
by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
id 1DYreB-0002e5-00; Thu, 19 May 2005 13:29:35 -0700
Received: (qmail invoked by alias); 19 May 2005 20:29:04 -0000
Received: from dsl-084-056-110-082.arcor-ip.net (EHLO localhost) [84.56.110.82]
by mail.gmx.net (mp013) with SMTP; 19 May 2005 22:29:04 +0200
X-Authenticated: #1545045
Received: by localhost (Postfix, from userid 1000)
id 0A10015A97; Thu, 19 May 2005 22:28:56 +0200 (CEST)
Date: Thu, 19 May 2005 22:28:55 +0200
From: Rene Engelhard <rene@debian.org>
To: 309749-done@bugs.debian.org
Subject: fixed in 1.1.3-9
Message-ID: <20050519202855.GA20129@rene-engelhard.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=unknown-8bit
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
X-PGP-Key: 248AEB73
X-PGP-Fingerprint: 41FA F208 28D4 7CA5 19BB 7AD9 F859 90B0 248A EB73
Organization: The Debian Project
User-Agent: Mutt/1.5.9i
X-Y-GMX-Trusted: 0
Delivered-To: 309749-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Hi,
1.1.3-9 is in sarge since a few days, fixing that. WTF do you report
that bug now again?
Closing.
Grüße/Regards,
Rene
--
.''`. Rene Engelhard -- Debian GNU/Linux Developer
: :' : http://www.debian.org | http://people.debian.org/~rene/
`. `' rene@debian.org | GnuPG-Key ID: 248AEB73
`- Fingerprint: 41FA F208 28D4 7CA5 19BB 7AD9 F859 90B0 248A EB73
Reply to: