openSUSE alert openSUSE-SU-2010:0386-1 (OpenOffice) [LWN.net]


From:
    	       opensuse-security@opensuse.org 
To:
    	       opensuse-updates@opensuse.org 
Subject:
    	       openSUSE-SU-2010:0386-1 (important): OpenOffice: security update to fix python macro execution 
Date:
    	       Fri, 16 Jul 2010 14:08:15 +0200 (CEST)
Message-ID:
    	       <20100716120815.C2D11BE27@oldboy.suse.de>
Archive-link:
    	       Article, Thread
              
   openSUSE Security Update: OpenOffice: security update to fix python macro execution
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:0386-1
Rating:             important
References:         #607095 
Cross-References:   CVE-2010-0395
Affected Products:
                    openSUSE 11.2
                    openSUSE 11.1
                    openSUSE 11.0
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update of OpenOffice_org does not allow macros written
   in Python to be executed without permission, CVE-2010-0395.


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.2:

      zypper in -t patch OpenOffice_org-base-drivers-postgresql-2578

   - openSUSE 11.1:

      zypper in -t patch OpenOffice_org-base-drivers-postgresql-2578

   - openSUSE 11.0:

      zypper in -t patch OpenOffice_org-2581

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.2 (i586 src x86_64):

      OpenOffice_org-libs-core-3.1.1.4-1.3.1

   - openSUSE 11.2 (i586 x86_64):

      OpenOffice_org-base-drivers-postgresql-3.1.1.4-1.3.1
      OpenOffice_org-gnome-3.1.1.4-1.3.1
      OpenOffice_org-kde-3.1.1.4-1.3.1
      OpenOffice_org-kde4-3.1.1.4-1.3.1
      OpenOffice_org-libs-core-devel-3.1.1.4-1.3.1
      OpenOffice_org-libs-core-l10n-prebuilt-3.1.1.4-1.3.1
      OpenOffice_org-mailmerge-3.1.1.4-1.3.1

   - openSUSE 11.1 (i586 ppc src x86_64):

      OpenOffice_org-libs-core-3.0.0.9-1.12.1

   - openSUSE 11.1 (i586 ppc x86_64):

      OpenOffice_org-base-drivers-postgresql-3.0.0.9-1.12.1
      OpenOffice_org-gnome-3.0.0.9-1.12.1
      OpenOffice_org-kde-3.0.0.9-1.12.1
      OpenOffice_org-libs-core-devel-3.0.0.9-1.12.1
      OpenOffice_org-libs-core-l10n-prebuilt-3.0.0.9-1.12.1
      OpenOffice_org-mailmerge-3.0.0.9-1.12.1

   - openSUSE 11.0 (i586 ppc src x86_64):

      OpenOffice_org-2.4.0.14-1.8

   - openSUSE 11.0 (i586 ppc x86_64):

      OpenOffice_org-base-2.4.0.14-1.8
      OpenOffice_org-branding-upstream-2.4.0.14-1.8
      OpenOffice_org-calc-2.4.0.14-1.8
      OpenOffice_org-devel-2.4.0.14-1.8
      OpenOffice_org-draw-2.4.0.14-1.8
      OpenOffice_org-filters-2.4.0.14-1.8
      OpenOffice_org-gnome-2.4.0.14-1.8
      OpenOffice_org-icon-themes-prebuilt-2.4.0.14-1.8
      OpenOffice_org-impress-2.4.0.14-1.8
      OpenOffice_org-kde-2.4.0.14-1.8
      OpenOffice_org-mailmerge-2.4.0.14-1.8
      OpenOffice_org-math-2.4.0.14-1.8
      OpenOffice_org-mono-2.4.0.14-1.8
      OpenOffice_org-officebean-2.4.0.14-1.8
      OpenOffice_org-pyuno-2.4.0.14-1.8
      OpenOffice_org-sdk-2.4.0.14-1.8
      OpenOffice_org-sdk-doc-2.4.0.14-1.8
      OpenOffice_org-testtool-2.4.0.14-1.8
      OpenOffice_org-writer-2.4.0.14-1.8


References:

   http://support.novell.com/security/cve/CVE-2010-0395.html
   https://bugzilla.novell.com/607095
(Log in to post comments)