This is an automated email from the ASF dual-hosted git repository.

git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/openoffice-org.git


The following commit(s) were added to refs/heads/asf-staging by this push:
     new 74ccab3  git-site-role commit from build_staging.sh
74ccab3 is described below

commit 74ccab3feb320336fd3415602d0bb054c243b7d3
Author: jenkins <bui...@apache.org>
AuthorDate: Thu Oct 7 16:39:24 2021 +0000

    git-site-role commit from build_staging.sh
---
 content/feed.xml                          |   4 +-
 content/security/bulletin.html            |  16 +++--
 content/security/cves/CVE-2021-28129.html | 107 ++++++++++++++++++++++++++++
 content/security/cves/CVE-2021-33035.html | 109 ++++++++++++++++++++++++++++
 content/security/cves/CVE-2021-40439.html | 114 ++++++++++++++++++++++++++++++
 5 files changed, 344 insertions(+), 6 deletions(-)

diff --git a/content/feed.xml b/content/feed.xml
index fa524e6..69a6c43 100644
--- a/content/feed.xml
+++ b/content/feed.xml
@@ -6,8 +6,8 @@
     <atom:link href="http://localhost:8820/feed.xml"; rel="self" 
type="application/rss+xml" />
     <description>OpenOffice.org Feed</description>
     <language>en-us</language>
-    <pubDate>Thu, 7 Oct 2021 16:00:56 +0000</pubDate>
-    <lastBuildDate>Thu, 7 Oct 2021 16:00:56 +0000</lastBuildDate>
+    <pubDate>Thu, 7 Oct 2021 16:38:30 +0000</pubDate>
+    <lastBuildDate>Thu, 7 Oct 2021 16:38:30 +0000</lastBuildDate>
     
 
   </channel> 
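Review bot: the feed's self link on the unchanged context line `<atom:link href="http://localhost:8820/feed.xml" rel="self"` points at a localhost build address, so the bumped `pubDate`/`lastBuildDate` values are being written into a feed whose canonical URL no subscriber can resolve; build_staging.sh should substitute the public site origin for the feed URL before the result is committed.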
diff --git a/content/security/bulletin.html b/content/security/bulletin.html
index 6258024..9997849 100644
--- a/content/security/bulletin.html
+++ b/content/security/bulletin.html
@@ -37,29 +37,37 @@
     subscribe to our <a href="alerts.html">security-alerts mailing 
list</a>.</strong>
   </p>
 
+  <h3>Fixed in Apache OpenOffice 4.1.11</h3>
+
+  <ul>
+   <li><a href="cves/CVE-2021-28129.html">CVE-2021-28129</a>: DEB packaging 
installed with a non-root userid and groupid</li>
+   <li><a href="cves/CVE-2021-33035.html">CVE-2021-33035</a>: Buffer overflow 
from a crafted DBF file</li>
+   <li><a href="cves/CVE-2021-40439.html">CVE-2021-40439</a>: "Billion Laughs" 
fixed in Expat >=2.4.0</li>
+  </ul>
+
   <h3>Fixed in Apache OpenOffice 4.1.10</h3>
 
   <ul>
    <li><a href="cves/CVE-2021-30245.html">CVE-2021-30245</a>: Code execution 
in Apache OpenOffice via non-http(s) schemes in Hyperlinks</li>
-  </ul> 
+  </ul>
 
   <h3>Fixed in Apache OpenOffice 4.1.8</h3>
 
   <ul>
     <li><a href="cves/CVE-2020-13958.html">CVE-2020-13958</a>: Unrestricted 
actions leads to arbitrary code execution in crafted documents</li>
-  </ul> 
+  </ul>
 
   <h3>Fixed in Apache OpenOffice 4.1.7</h3>
 
   <ul>
     <li><a href="cves/CVE-2019-9853.html">CVE-2019-9853</a>: Insufficient URL 
decoding flaw in categorizing macro location</li>
-  </ul> 
+  </ul>
 
   <h3>Fixed in Apache OpenOffice 4.1.6</h3>
 
   <ul>
     <li><a href="cves/CVE-2018-11790.html">CVE-2018-11790</a>: Arithmetic 
overflow and wrap around during string length calculation </li>
-  </ul> 
+  </ul>
 
   <h3>Fixed in Apache OpenOffice 4.1.5</h3>
 
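Review bot: the new CVE-2021-40439 entry reads `"Billion Laughs" fixed in Expat >=2.4.0`, which names the upstream fix rather than the flaw, unlike every other entry in this list (each describes the vulnerability, e.g. "Buffer overflow from a crafted DBF file"); suggest wording along the lines of `"Billion Laughs" entity-expansion denial of service in bundled Expat` so readers scanning the bulletin see the impact, and keep the Expat version on the CVE page itself. The unrelated whitespace-only `</ul>` changes in the 4.1.10, 4.1.8, 4.1.7 and 4.1.6 sections are fine but inflate the diff; they would be easier to review in a separate cleanup commit.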
diff --git a/content/security/cves/CVE-2021-28129.html 
b/content/security/cves/CVE-2021-28129.html
new file mode 100644
index 0000000..36f556f
--- /dev/null
+++ b/content/security/cves/CVE-2021-28129.html
@@ -0,0 +1,107 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>CVE-2021-28129</title>
+  
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+    <div id="content">
+      
+      
+    <p>
+      <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-28129";>CVE-2021-28129</a>
+    </p>
+    <p>
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2021-28129.html";>Apache 
OpenOffice Advisory</a>
+    </p>
+    <p style="text-align:center; font-size:largest">
+      <strong>CVE-2021-28129 DEB packaging for Apache OpenOffice 4.1.8 
installed with a non-root userid and groupid</strong>
+    </p>
+    <p style="text-align:center; font-size:larger">
+      <strong>Fixed in Apache OpenOffice 4.1.11</strong>
+    </p>
+    <p>
+      <strong>Description</strong>
+    </p>
+    <p>
+      While working on Apache OpenOffice 4.1.8 a developer discovered that the 
DEB package did not install
+      using root, but instead used a userid and groupid of 500. This both 
caused issues with desktop
+      integration and could allow a crafted attack on files owned by that user 
or group if they exist.
+    </p>
+    <p>
+      <strong>Severity: Moderate</strong>
+    </p>
+    <p>
+      There are no known exploits of this vulnerability.
+      <br />
+      A proof-of-concept demonstration exists.
+    </p>
+    <p>
+      Thanks to the reporter for discovering this issue.
+    </p>
+    <p>
+      <strong>Vendor: The Apache Software Foundation</strong>
+    </p>
+    <p>
+      <strong>Versions Affected</strong>
+    </p>
+    <p>
+      All Apache OpenOffice versions 4.1.10 and older are affected.
+      <br />
+      OpenOffice.org versions may also be affected.
+    </p>
+    <p>
+      <strong>Mitigation</strong>
+    </p>
+    <p>
+      Install Apache OpenOffice 4.1.11 for the latest maintenance and 
cumulative security fixes.
+      Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";> download page</a>.
+    </p>
+    <p>
+      <strong>Acknowledgments</strong>
+    </p>
+    <p>
+      The Apache OpenOffice Security Team thanks for pointing to this issue.
+    </p>
+    <p>
+      <strong>Further Information</strong>
+    </p>
+    <p>
+      For additional information and assistance, consult the
+      <a href="https://forum.openoffice.org/";>Apache OpenOffice Community 
Forums</a>
+      or make requests to the
+      <a 
href="mailto:us...@openoffice.apache.org";>us...@openoffice.apache.org</a>
+      public mailing list.
+    </p>
+    <p>
+      The latest information on Apache OpenOffice security bulletins can be 
found at the
+      <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive page</a>.
+    </p>
+    <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2021-28129.html";>CVE-2021-28129</a>
+    </p>
+  
+      
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
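Review bot: the headline says the DEB packaging "for Apache OpenOffice 4.1.8" was installed with a non-root userid and groupid, but Versions Affected says "All Apache OpenOffice versions 4.1.10 and older are affected", so either the 4.1.8 qualifier should be dropped from the headline or the affected range narrowed to match. The description should also say what the uid/gid 500 applies to: "did not install using root" reads as if the installer ran unprivileged, whereas the risk described ("a crafted attack on files owned by that user or group if they exist") follows from the installed program files being owned by uid/gid 500 and therefore writable by any local account that happens to hold those ids. The Acknowledgments paragraph "The Apache OpenOffice Security Team thanks for pointing to this issue." is an unfilled template with the reporter's name missing, and it duplicates the earlier "Thanks to the reporter for discovering this issue." line; fill in one and remove the other. Minor: `<meta http-equiv="Content-Type" ...>` appears twice in the `<head>`, and the "Apache OpenOffice Advisory" link points at this same page.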
diff --git a/content/security/cves/CVE-2021-33035.html 
b/content/security/cves/CVE-2021-33035.html
new file mode 100644
index 0000000..0924d65
--- /dev/null
+++ b/content/security/cves/CVE-2021-33035.html
@@ -0,0 +1,109 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>CVE-2021-33035</title>
+  
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+    <div id="content">
+      
+      
+    <p>
+      <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-33035";>CVE-2021-33035</a>
+    </p>
+    <p>
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2021-33035.html";>Apache 
OpenOffice Advisory</a>
+    </p>
+    <p style="text-align:center; font-size:largest">
+      <strong>CVE-2021-33035 Buffer overflow from a crafted DBF file</strong>
+    </p>
+    <p style="text-align:center; font-size:larger">
+      <strong>Fixed in Apache OpenOffice 4.1.11</strong>
+    </p>
+    <p>
+      <strong>Description</strong>
+    </p>
+    <p>
+      Apache OpenOffice opens dBase/DBF documents and shows the contents as 
spreadsheets. DBF are database
+      files with data organized in fields. When reading DBF data the size of 
certain fields is not checked:
+      the data is just copied into local variables. A carefully crafted 
document could overflow the allocated
+      space, leading to the execution of arbitrary code by altering the 
contents of the program stack.
+    </p>
+    <p>
+      <strong>Severity: Moderate</strong>
+    </p>
+    <p>
+      There are no known exploits of this vulnerability.
+      <br />
+      A proof-of-concept demonstration exists.
+    </p>
+    <p>
+      Thanks to the reporter for discovering this issue.
+    </p>
+    <p>
+      <strong>Vendor: The Apache Software Foundation</strong>
+    </p>
+    <p>
+      <strong>Versions Affected</strong>
+    </p>
+    <p>
+      All Apache OpenOffice versions 4.1.10 and older are affected.
+      <br />
+      OpenOffice.org versions may also be affected.
+    </p>
+    <p>
+      <strong>Mitigation</strong>
+    </p>
+    <p>
+      Install Apache OpenOffice 4.1.11 for the latest maintenance and 
cumulative security fixes.
+      Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";> download page</a>.
+    </p>
+    <p>
+      <strong>Acknowledgments</strong>
+    </p>
+    <p>
+      The Apache OpenOffice Security Team would like to thank Eugene Lim, 
Government Technology
+      Agency of Singapore, for discovering and reporting this attack vector.
+    </p>
+    <p>
+      <strong>Further Information</strong>
+    </p>
+    <p>
+      For additional information and assistance, consult the
+      <a href="https://forum.openoffice.org/";>Apache OpenOffice Community 
Forums</a>
+      or make requests to the
+      <a 
href="mailto:us...@openoffice.apache.org";>us...@openoffice.apache.org</a>
+      public mailing list.
+    </p>
+    <p>
+      The latest information on Apache OpenOffice security bulletins can be 
found at the
+      <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive page</a>.
+    </p>
+    <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2021-33035.html";>CVE-2021-33035</a>
+    </p>
+  
+      
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
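Review bot: "Thanks to the reporter for discovering this issue." duplicates the Acknowledgments paragraph that already credits Eugene Lim of the Government Technology Agency of Singapore; drop the generic line. The description says the overflow leads "to the execution of arbitrary code by altering the contents of the program stack" while Severity is Moderate; if that rating is deliberate (a user has to open a crafted DBF), one clause stating the rationale would help readers triage. Same template issues as the sibling pages: duplicate `<meta http-equiv="Content-Type" ...>` in the `<head>` and a self-referencing "Apache OpenOffice Advisory" link.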
diff --git a/content/security/cves/CVE-2021-40439.html 
b/content/security/cves/CVE-2021-40439.html
new file mode 100644
index 0000000..36d3b48
--- /dev/null
+++ b/content/security/cves/CVE-2021-40439.html
@@ -0,0 +1,114 @@
+
+<!--#include virtual="/doctype.html" -->
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    
+    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
+    
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>CVE-2021-40439</title>
+  
+    
+    <script src="https://www.apachecon.com/event-images/snippet.js";></script>
+  </head>
+  <body>
+    <!--#include virtual="/brand.html" -->
+    <div id="topbara">
+      <!--#include virtual="/topnav.html" -->
+      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a 
href="/security/">security</a>&nbsp;&raquo;&nbsp;<a 
href="/security/cves/">cves</a></div>
+    </div>
+    <div id="clear"></div>
+      
+      
+    <div id="content">
+      
+      
+    <p>
+      <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-40439";>CVE-2021-40439</a>
+    </p>
+    <p>
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2021-40439.html";>Apache 
OpenOffice Advisory</a>
+    </p>
+    <p style="text-align:center; font-size:largest">
+      <strong>CVE-2021-40439 "Billion Laughs" fixed in Expat >=2.4.0</strong>
+    </p>
+    <p style="text-align:center; font-size:larger">
+      <strong>Fixed in Apache OpenOffice 4.1.11</strong>
+    </p>
+    <p>
+      <strong>Description</strong>
+    </p>
+    <p>
+      Apache OpenOffice has a dependency on expat software. Versions prior to 
2.1.0 were subject to
+      CVE-2013-0340 a "Billion Laughs" entity expansion denial of service 
attack and exploit via crafted
+      XML files. ODF files consist of a set of XML files.
+      expat 2.1.0 and earlier does not properly handle entities expansion 
unless an application developer
+      uses the XML_SetEntityDeclHandler function, which allows remote 
attackers to cause a denial of service
+      (resource consumption), send HTTP requests to intranet servers, or read 
arbitrary files via a crafted
+      XML document, aka an XML External Entity (XXE) issue.
+      <br />
+      expat is a 3rd party library that is used in the Apache OpenOffice build 
process to make use of its
+      functions.
+    </p>
+    <p>
+      <strong>Severity: Moderate</strong>
+    </p>
+    <p>
+      There are no known exploits of this vulnerability.
+      <br />
+      A proof-of-concept demonstration exists.
+    </p>
+    <p>
+      Thanks to the reporter for discovering this issue
+    </p>
+    <p>
+      <strong>Vendor: The Apache Software Foundation</strong>
+    </p>
+    <p>
+      <strong>Versions Affected</strong>
+    </p>
+    <p>
+      All Apache OpenOffice versions 4.1.10 and older are affected.
+      <br />
+      OpenOffice.org versions may also be affected.
+    </p>
+    <p>
+      <strong>Mitigation</strong>
+    </p>
+    <p>
+      Install Apache OpenOffice 4.1.11 for the latest maintenance and 
cumulative security fixes.
+      Use the Apache OpenOffice <a 
href="https://www.openoffice.org/download/";> download page</a>.
+    </p>
+    <p>
+      <strong>Acknowledgments</strong>
+    </p>
+    <p>
+      The Apache OpenOffice Security Team thanks for pointing to this issue.
+    </p>
+    <p>
+      <strong>Further Information</strong>
+    </p>
+    <p>
+      For additional information and assistance, consult the
+      <a href="https://forum.openoffice.org/";>Apache OpenOffice Community 
Forums</a>
+      or make requests to the
+      <a 
href="mailto:us...@openoffice.apache.org";>us...@openoffice.apache.org</a>
+      public mailing list.
+    </p>
+    <p>
+      The latest information on Apache OpenOffice security bulletins can be 
found at the
+      <a href="https://www.openoffice.org/security/bulletin.html";>Bulletin 
Archive page</a>.
+    </p>
+    <hr />
+    <p>
+      <a href="https://security.openoffice.org";>Security Home</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/bulletin.html";>Bulletin</a>-&gt;
+      <a 
href="https://www.openoffice.org/security/cves/CVE-2021-40439.html";>CVE-2021-40439</a>
+    </p>
+  
+      
+    </div>
+    <!--#include virtual="/footer.html" -->
+  </body>
+</html>
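Review bot: the description contradicts itself on the vulnerable Expat range: "Versions prior to 2.1.0 were subject to CVE-2013-0340" is followed by "expat 2.1.0 and earlier does not properly handle entities expansion", while the headline says the fix is Expat >=2.4.0; state one range and say which Expat version 4.1.11 bundles. The quoted MITRE text ("send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue") describes a broader impact than the "Billion Laughs" denial of service in the headline, so the page should say whether Apache OpenOffice is exposed to the XXE file-read/request side or only to entity-expansion resource exhaustion when opening ODF files. "Thanks to the reporter for discovering this issue" is missing its period, and the Acknowledgments paragraph is the unfilled "thanks for pointing to this issue." template again. Minor: write `&gt;=` for `>=` in the headline, and the `<head>` carries a duplicate Content-Type meta.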
