[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#309749: marked as done (openoffice.org: Heap overflow)

Your message dated Thu, 19 May 2005 22:28:55 +0200
with message-id <20050519202855.GA20129@rene-engelhard.de>
and subject line fixed in 1.1.3-9
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 19 May 2005 10:19:08 +0000
>From paul@vandervlis.nl Thu May 19 03:19:08 2005
Return-path: <paul@vandervlis.nl>
Received: from server.vandervlis.nl [194.109.241.246] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DYi7P-0004v4-00; Thu, 19 May 2005 03:19:08 -0700
Received: from localhost (localhost [127.0.0.1])
	by server.vandervlis.nl (Postfix) with ESMTP
	id D17DB77E9F; Thu, 19 May 2005 12:19:08 +0200 (CEST)
Received: from [127.0.0.1] (vlis [192.168.0.33])
	by server.vandervlis.nl (Postfix) with ESMTP
	id CE8B177E91; Thu, 19 May 2005 12:19:07 +0200 (CEST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Paul van der Vlis <paul@vandervlis.nl>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: openoffice.org: Heap overflow
X-Mailer: reportbug 3.9
Date: Thu, 19 May 2005 12:22:56 +0200
Message-Id: <[🔎] 20050519101907.CE8B177E91@server.vandervlis.nl>
X-Virus-Scanned: by AMaViS snapshot-20020531
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: openoffice.org
Version: 1.1.3-8
Severity: grave
Justification: user security hole

The security update fixes a buffer overflow in OpenOffice_org
Microsoft Word document reader which could allow a remote attacker
sending a handcrafted .doc file to execute code as the user
opening the document in OpenOffice.

This is tracked by the Mitre CVE ID CAN-2005-0941.

http://download.openoffice.org/1.1.4/security_patch.html
http://www.securityfocus.com/archive/1/395516

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=nl_NL@euro, LC_CTYPE=nl_NL@euro (charmap=ISO-8859-15)

Versions of packages openoffice.org depends on:
ii  dictionaries-common [openoffi 0.25.3     Common utilities for spelling dict
ii  openoffice.org-bin            1.1.3-8    OpenOffice.org office suite binary
ii  openoffice.org-debian-files   1.1.3-8+1  Debian specific parts of OpenOffic
ii  openoffice.org-l10n-de [openo 1.1.3-8    German language package for OpenOf
ii  openoffice.org-l10n-en [openo 1.1.3-8    English (US) language package for 
ii  openoffice.org-l10n-es [openo 1.1.3-8    Spanish language package for OpenO
ii  openoffice.org-l10n-nl [openo 1.1.3-8    Dutch language package for OpenOff
ii  ttf-opensymbol                1.1.3-8    The OpenSymbol TrueType font
ii  xml-core                      0.09       XML infrastructure and XML catalog

-- no debconf information

---------------------------------------
Received: (at 309749-done) by bugs.debian.org; 19 May 2005 20:29:36 +0000
>From rene.engelhard@gmx.de Thu May 19 13:29:36 2005
Return-path: <rene.engelhard@gmx.de>
Received: from pop.gmx.de (mail.gmx.net) [213.165.64.20] 
	by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
	id 1DYreB-0002e5-00; Thu, 19 May 2005 13:29:35 -0700
Received: (qmail invoked by alias); 19 May 2005 20:29:04 -0000
Received: from dsl-084-056-110-082.arcor-ip.net (EHLO localhost) [84.56.110.82]
  by mail.gmx.net (mp013) with SMTP; 19 May 2005 22:29:04 +0200
X-Authenticated: #1545045
Received: by localhost (Postfix, from userid 1000)
	id 0A10015A97; Thu, 19 May 2005 22:28:56 +0200 (CEST)
Date: Thu, 19 May 2005 22:28:55 +0200
From: Rene Engelhard <rene@debian.org>
To: 309749-done@bugs.debian.org
Subject: fixed in 1.1.3-9
Message-ID: <20050519202855.GA20129@rene-engelhard.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=unknown-8bit
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
X-PGP-Key: 248AEB73
X-PGP-Fingerprint: 41FA F208 28D4 7CA5 19BB  7AD9 F859 90B0 248A EB73
Organization: The Debian Project
User-Agent: Mutt/1.5.9i
X-Y-GMX-Trusted: 0
Delivered-To: 309749-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no 
	version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Hi,

1.1.3-9 is in sarge since a few days, fixing that. WTF do you report
that bug now again?

Closing.

Grüße/Regards,

Rene
-- 
 .''`.  Rene Engelhard -- Debian GNU/Linux Developer
 : :' : http://www.debian.org | http://people.debian.org/~rene/
 `. `'  rene@debian.org | GnuPG-Key ID: 248AEB73
   `-   Fingerprint: 41FA F208 28D4 7CA5 19BB  7AD9 F859 90B0 248A EB73
Reply to: