close 405986 1.1.3-9sarge4 close 405986 2.0.4-1 reassign 405986 openoffice.org merge 405986 405679 thanks
Hi, Stefan Fritsch wrote: > >>From http://secunia.com/advisories/23612/ : > > A vulnerability has been reported in OpenOffice, which potentially > can be exploited by malicious people to compromise a user's system. > > The vulnerability is caused due to integer overflows within the > processor for WMF/EMF files. This can be exploited to cause a > heap-based buffer overflow by e.g. tricking a user into opening a > specially crafted WMF/EMF file. > > Successful exploitation may allow the execution of arbitrary code. > > A patch is at > http://www.openoffice.org/issues/show_bug.cgi?id=70042 > > Please mention the CVE id in the changelog. *yawns* Damnit. Go read the BTS. Then you would have seen http://bugs.debian.org/405679. Marking this as fixed in the appropriate versions (which I already told at #405679; I already told Joey now that he's back that he can release the advisory) Gr��e/Regards, Ren� -- .''`. Ren� Engelhard -- Debian GNU/Linux Developer : :' : http://www.debian.org | http://people.debian.org/~rene/ `. `' [EMAIL PROTECTED] | GnuPG-Key ID: 248AEB73 `- Fingerprint: 41FA F208 28D4 7CA5 19BB 7AD9 F859 90B0 248A EB73
signature.asc
Description: Digital signature
