[ubuntu/lucid-security] openoffice.org, openoffice.org_3.2.0-7ubuntu4.2_amd64_translations.tar.gz, openoffice.org_3.2.0-7ubuntu4.2_armel_translations.tar.gz, openoffice.org_3.2.0-7ubuntu4.2_powerpc_translations.tar.gz, openoffice.org_3.2.0-7ubuntu4.2_sparc_translations.tar.gz (delayed), openoffice.org_3.2.0-7ubuntu4.2_ia64_translations.tar.gz, openoffice.org_3.2.0-7ubuntu4.2_i386_translations.tar.gz 1:3.2.0-7ubuntu4.2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Feb 2 21:26:16 UTC 2011 

openoffice.org (1:3.2.0-7ubuntu4.2) lucid-security; urgency=low

  * SECURITY UPDATE: multiple OpenOffice.org vulnerabilities.
    - debian/patches/SA40775.diff: buffer overflow fixes from upstream,
      patch thanks to Rene Engelhard (CVE-2010-2935, CVE-2010-2936).
    - debian/patches/tread-invalid-path-segments-correctly.diff: directory
      traversal fixes from upstream, patch thanks to Rene Engelhard
      (CVE-2010-3450).
    - debian/patches/cws-hb22.diff: multiple fixes from upstream, patch
      thanks to Rene Engelhard.
      - corrupt table model in RTF parser (CVE-2010-3451)
      - SwRTFParser::ReadNumSecLevel (CVE-2010-3452)
      - WW8ListManager::WW8ListManager (CVE-2010-3453)
      - WW8DopTypography::ReadFromMem (CVE-2010-3454)
      - LD_LIBRARY_PATH current directory injection (CVE-2010-3689)
    - debian/patches/security-fixes-drom-cws-os145.diff: heap overflow in
      PPT fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4253).
    - debian/patches/security-fixes-from-cws-impress208.diff: heap overflow in
      TGA fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4643).

Date: Tue, 25 Jan 2011 12:54:50 -0800
Changed-By: Kees Cook <kees at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openoffice.org/1:3.2.0-7ubuntu4.2
-------------- next part --------------
Format: 1.8
Date: Tue, 25 Jan 2011 12:54:50 -0800
Source: openoffice.org
Binary: openoffice.org broffice.org openoffice.org-l10n-za openoffice.org-l10n-in openoffice.org-core openoffice.org-common openoffice.org-java-common openoffice.org-writer openoffice.org-calc openoffice.org-impress openoffice.org-draw openoffice.org-math openoffice.org-base-core openoffice.org-base openoffice.org-style-crystal openoffice.org-style-oxygen openoffice.org-style-industrial openoffice.org-style-tango openoffice.org-style-human openoffice.org-style-hicontrast openoffice.org-style-galaxy openoffice.org-style-andromeda openoffice.org-gtk openoffice.org-gnome openoffice.org-evolution openoffice.org-emailmerge python-uno openoffice.org-officebean openoffice.org-filter-binfilter openoffice.org-filter-mobiledev libmythes-dev openoffice.org-dtd-officedocument1.0 uno-libs3 uno-libs3-dbg ure ure-dbg openoffice.org-gcj cli-uno-bridge libuno-cli-basetypes1.0-cil libuno-cli-uretypes1.0-cil libuno-cli-oootypes1.0-cil libuno-cli-cppuhelper1.0-cil libuno-cli-ure1.0-cil mozilla-openoffice.org
 openoffice.org-ogltrans openoffice.org-wiki-publisher openoffice.org-report-builder openoffice.org-report-builder-bin openoffice.org-presentation-minimizer openoffice.org-presenter-console openoffice.org-pdfimport ttf-opensymbol openoffice.org-dev openoffice.org-dev-doc openoffice.org-kde openoffice.org-kab openoffice.org-sdbc-postgresql openoffice.org-mysql-connector
Architecture: source
Version: 1:3.2.0-7ubuntu4.2
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 broffice.org - office productivity suite -- BrOffice.org branding
 cli-uno-bridge - OpenOffice.org bindings for Mono CLI
 libmythes-dev - simple thesaurus library -- development files
 libuno-cli-basetypes1.0-cil - OpenOffice.org bindings for Mono CLI -- base types
 libuno-cli-cppuhelper1.0-cil - OpenOffice.org bindings for Mono CLI -- bootstrapping library
 libuno-cli-oootypes1.0-cil - OpenOffice.org bindings for Mono CLI -- OpenOffice.org type libra
 libuno-cli-ure1.0-cil - OpenOffice.org bindings for Mono CLI -- helper classes
 libuno-cli-uretypes1.0-cil - OpenOffice.org bindings for Mono CLI -- URE type library
 mozilla-openoffice.org - office productivity suite -- Mozilla plugin
 openoffice.org - office productivity suite
 openoffice.org-base - office productivity suite -- database
 openoffice.org-base-core - office productivity suite -- shared library
 openoffice.org-calc - office productivity suite -- spreadsheet
 openoffice.org-common - office productivity suite -- arch-independent files
 openoffice.org-core - office productivity suite -- arch-dependent files
 openoffice.org-dev - office productivity suite -- SDK
 openoffice.org-dev-doc - office productivity suite -- SDK documentation
 openoffice.org-draw - office productivity suite -- drawing
 openoffice.org-dtd-officedocument1.0 - office productivity suite -- legacy 1.0 XML DTD
 openoffice.org-emailmerge - office productivity suite -- email mail merge
 openoffice.org-evolution - office productivity suite -- Evolution addressbook support
 openoffice.org-filter-binfilter - office productivity suite -- legacy filters (e.g. StarOffice 5.2)
 openoffice.org-filter-mobiledev - office productivity suite -- mobile devices filters
 openoffice.org-gcj - office productivity suite -- Java libraries for GIJ
 openoffice.org-gnome - office productivity suite -- GNOME integration
 openoffice.org-gtk - office productivity suite -- GTK+ integration
 openoffice.org-impress - office productivity suite -- presentation
 openoffice.org-java-common - office productivity suite -- arch-independent Java support files
 openoffice.org-kab - office productivity suite -- KDE adressbook support
 openoffice.org-kde - office productivity suite -- KDE integration
 openoffice.org-l10n-in - office productivity suite -- Indic language packages
 openoffice.org-l10n-za - office productivity suite -- South African language packages
 openoffice.org-math - office productivity suite -- equation editor
 openoffice.org-mysql-connector - MySQL Connector extension for OpenOffice.org
 openoffice.org-officebean - office productivity suite -- Java bean
 openoffice.org-ogltrans - OpenOffice.org Impress extension for transitions using OpenGL
 openoffice.org-pdfimport - OpenOffice.org extension for importing PDF documents
 openoffice.org-presentation-minimizer - OpenOffice.org extension for size-efficient presentations
 openoffice.org-presenter-console - OpenOffice.org Impress extension for a separate presenter's conso
 openoffice.org-report-builder - OpenOffice.org extension for building database reports
 openoffice.org-report-builder-bin - OpenOffice.org extension for building database reports -- librari
 openoffice.org-sdbc-postgresql - OpenOffice.org extension for PostgreSQL SDBC driver
 openoffice.org-style-andromeda - office productivity suite -- Andromeda (Classic) symbol style
 openoffice.org-style-crystal - office productivity suite -- Crystal symbol style
 openoffice.org-style-galaxy - office productivity suite -- Galaxy (Default) symbol style
 openoffice.org-style-hicontrast - office productivity suite -- Hicontrast symbol style
 openoffice.org-style-human - Human symbol style for OpenOffice.org
 openoffice.org-style-industrial - office productivity suite -- Industrial symbol style
 openoffice.org-style-oxygen - office productivity suite -- Oxygen symbol style
 openoffice.org-style-tango - office productivity suite -- Tango symbol style
 openoffice.org-wiki-publisher - OpenOffice.org extension for working with MediaWiki articles
 openoffice.org-writer - office productivity suite -- word processor
 python-uno - Python-UNO bridge
 ttf-opensymbol - OpenSymbol TrueType font
 uno-libs3  - OpenOffice.org UNO runtime environment -- public shared libraries
 uno-libs3-dbg - OpenOffice.org UNO runtime environment -- public shared library d
 ure        - OpenOffice.org UNO runtime environment
 ure-dbg    - OpenOffice.org UNO runtime environment -- debug symbols
Changes: 
 openoffice.org (1:3.2.0-7ubuntu4.2) lucid-security; urgency=low
 .
   * SECURITY UPDATE: multiple OpenOffice.org vulnerabilities.
     - debian/patches/SA40775.diff: buffer overflow fixes from upstream,
       patch thanks to Rene Engelhard (CVE-2010-2935, CVE-2010-2936).
     - debian/patches/tread-invalid-path-segments-correctly.diff: directory
       traversal fixes from upstream, patch thanks to Rene Engelhard
       (CVE-2010-3450).
     - debian/patches/cws-hb22.diff: multiple fixes from upstream, patch
       thanks to Rene Engelhard.
       - corrupt table model in RTF parser (CVE-2010-3451)
       - SwRTFParser::ReadNumSecLevel (CVE-2010-3452)
       - WW8ListManager::WW8ListManager (CVE-2010-3453)
       - WW8DopTypography::ReadFromMem (CVE-2010-3454)
       - LD_LIBRARY_PATH current directory injection (CVE-2010-3689)
     - debian/patches/security-fixes-drom-cws-os145.diff: heap overflow in
       PPT fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4253).
     - debian/patches/security-fixes-from-cws-impress208.diff: heap overflow in
       TGA fix from upstream, patch thanks to Rene Engelhard (CVE-2010-4643).
Checksums-Sha1: 
 334aa612012c2d148f58141307dd585004a20a3e 9853 openoffice.org_3.2.0-7ubuntu4.2.dsc
 9eaaa3264aab025585bd7d2857b620b54a16dd2a 3682504 openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz
Checksums-Sha256: 
 6b7afe1607d1758bab237d3e3b802916707948d34263e30c83cbdd2e184b577c 9853 openoffice.org_3.2.0-7ubuntu4.2.dsc
 99f2850219406521ba239a40ef951af7f256735d3a74b619c3d1dd00c7a50cba 3682504 openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz
Files: 
 f5a61256e0ec1076f60ddac053344b60 9853 editors optional openoffice.org_3.2.0-7ubuntu4.2.dsc
 270e5e5c16d43c83f501713f6be1252a 3682504 editors optional openoffice.org_3.2.0-7ubuntu4.2.debian.tar.gz
Original-Maintainer: Debian OpenOffice Team <debian-openoffice at lists.debian.org>

More information about the Lucid-changes mailing list