User: Password:
|
|
Subscribe / Log in / New account

Ubuntu alert USN-313-1 (openoffice.org)

From:  Martin Pitt <martin.pitt@canonical.com>
To:  ubuntu-security-announce@lists.ubuntu.com
Subject:  [USN-313-1] OpenOffice.org vulnerabilities
Date:  Wed, 12 Jul 2006 15:09:24 +0200
Cc:  full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com

=========================================================== Ubuntu Security Notice USN-313-1 July 11, 2006 openoffice.org-amd64, openoffice.org vulnerabilities CVE-2006-2198, CVE-2006-2199, CVE-2006-3117 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: openoffice.org-bin 1.1.3-8ubuntu2.4 Ubuntu 6.06 LTS: openoffice.org-base 2.0.2-2ubuntu12.1 openoffice.org-common 2.0.2-2ubuntu12.1 openoffice.org-core 2.0.2-2ubuntu12.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Ubuntu 5.10 is also affected by these flaws. Updated packages will be provided shortly. Details follow: It was possible to embed Basic macros in documents in a way that OpenOffice.org would not ask for confirmation about executing them. By tricking a user into opening a malicious document, this could be exploited to run arbitrary Basic code (including local file access and modification) with the user's privileges. (CVE-2006-2198) A flaw was discovered in the Java sandbox which allowed Java applets to break out of the sandbox and execute code without restrictions. By tricking a user into opening a malicious document, this could be exploited to run arbitrary code with the user's privileges. This update disables Java applets for OpenOffice.org, since it is not generally possible to guarantee the sandbox restrictions. (CVE-2006-2199) A buffer overflow has been found in the XML parser. By tricking a user into opening a specially crafted XML file with OpenOffice.org, this could be exploited to execute arbitrary code with the user's privileges. (CVE-2006-3117) Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 28789 514ea84d6f71ccf9db3ef260d5208659 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 711 b1b158d017923995de9baa90d78af405 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 213206527 dc7f27c5ce697aeca39f8622e19d8b81 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 6775773 452a4984ad6e9099c90e535d4b8450e0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2970 fe922d379fc59ff63aa1f138bdd623d5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 166568714 5250574bad9906b38ce032d04b765772 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2635378 b8fa9808c55979fb401b5e54712790d5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2680962 9b14a2caeb1198c5754c04f81f53281b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2678222 98170fad141dd06f8126450c3aebcbee http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3575066 d207819f21a982a4125a3199b14684cd http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2649914 bb4c611d7ed3323d48aa5dc29318f6b8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3568972 e75a586b586e765d07e6e82723613f8f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3441302 574d06d219935433da8fc72faaa854e3 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2729146 058e25d98f3d4f2d1b02bbfbbf030319 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3513912 6b6e6689293d2f1a6c31c7dbae8606a5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3548974 9f8c29a74cd142b9f47d06bc79830653 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2632886 66825e4ed7f75cb77c1f2f8ded32acc2 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2655352 81ad5e4b872f46e1568074bb33ebda4c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2660290 669a69a28af7f7b17ee05f99231ab4d5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3481312 826af33ab09c9da3fdad8c8f16d25f06 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2646488 0010dfa8289690594dbe82c9b6b7204b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2646058 19fed75cfe6ce61c354dc2004e4d3327 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2683650 097e4dc8cfb0563f1dff7e92daf3b3b9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2758712 8f96e8bbdbeb86ede91857ad7c3d9aaf http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3542620 16d2e0c0fa90e487c4350523014a144b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3552866 624b2578f01269dd154ea5b2c53677d6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2672444 6120d217e85c824f82ced4a376169afe http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3527600 9a84c1a5bc35e5234934ae7940793b9b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2661364 15c632b033f33c5fbc95f1859eeb9b96 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2652270 ad832c373fcc6a45399d4d85586dea94 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3547822 5bf666b16a07a5f7b7941ac5266c3dfe http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2651716 3f51aa83ccae2d6d4f6780338db11585 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2653558 00081633f71d94b2524dcbdb31141df5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3229376 ed493dfdb1dc5ad4dbd55f1dc99b4768 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3513012 1f9f8e804850877e12f49a3aeb4994bc http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3148874 d0651324038d430e3a8e451b31de9797 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3322614 dbf0898a644eead1abf050c3f68506fb http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3591020 87790f65cde9b8df71088ec04afb2bd2 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3586294 368d393d1926bad26be80befe08b08d7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3529642 2100aa986dd7d05c696a486c90aa8226 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2676294 8296a37b659e764ee929e13f4f43c18b http://security.ubuntu.com/ubuntu/pool/universe/o/openoff... Size/MD5: 2638292 8d0c02e98e2481731fdef695e135a507 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2879142 83a73500674f0f828f58cbeb2c1b2c89 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2591144 8e011a554624850e83b017e0ce1ee168 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3542538 a8625f2f45e3d754a9982eee687a2e9a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3537536 c03d196f9d4ca744114ce560c4e88f7e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2660698 501a8ef9499923eff51ca802f6048cf0 http://security.ubuntu.com/ubuntu/pool/universe/o/openoff... Size/MD5: 69412 0ce1d940fd4fc5d50e2ebb786178b10a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3133206 b7804a9eb878f8268c2a581908db3d20 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 6855132 69a095b57462880d44b03ce32acce8f8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 139296 2dae21da1b3854093ecb36d467330246 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 41623916 eea64d786deb06b7449874958a7192a9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 122924 b421afa0756d1897cc0f5cf9a974c454 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 41668622 5e2ce6ca9d0c4bd401327855d1a0ef4e http://security.ubuntu.com/ubuntu/pool/universe/o/openoff... Size/MD5: 1862188 9718fdeb250e944c008964660bdd1a71 http://security.ubuntu.com/ubuntu/pool/universe/o/openoff... Size/MD5: 166942 ae8051e9bc9e490d8932d9c4c0f2969b http://security.ubuntu.com/ubuntu/pool/universe/o/openoff... Size/MD5: 393990 8e49f9c17616c2e0b7ead073ba3fbdad http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 162540 f51c5cb6b86e590e658897d77cfecbbd http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 146480 2d88c8c00f84ed6ba0fd190ec397226c powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 39933532 e5c0e78e5560ea6518d47ae845e49fd1 http://security.ubuntu.com/ubuntu/pool/universe/o/openoff... Size/MD5: 1868340 b95ccc2f87796f5d1f4e620961df46a6 http://security.ubuntu.com/ubuntu/pool/universe/o/openoff... Size/MD5: 163784 99f4facd03daf98b211e6cacd7795a3c http://security.ubuntu.com/ubuntu/pool/universe/o/openoff... Size/MD5: 376704 0a7352937ff82965726e6dd48707c127 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 160990 ba159f148f636e2654e0d77dd8a0ff4d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 144446 3a4954442272701f4c1bab99fc27a022 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 35941 cc88050616a146cad2c75018919a4292 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 1038 c1c340e11db38a3380de216c3c232eb2 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 330944232 cba2302c07b6543aa6f9f1bcb8fa8529 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 73004797 97f2eaeb6e9947ceaf678350d5d5af5c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3266 5512c271679732101f05d3bc8817dee4 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 206094795 b789f87aaa1f943a47a75740a73ba7cc Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 26439878 f7216d2c8c95d623b05d081eb3317209 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 4810568 d01992eb7f34b3cdd49f31cb719212e4 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 922 65f7ba2a7c863dcde5e2543a21548e17 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2404542 326ac39b4cdf08f0f2d7b155abec008e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 604964 a66430c56185a9f62dc98f71bed9a3b5 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2092644 f48b9f54382aa7af9d5fee6a547872f6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 920 1677af03f3e674e0cb655448dd952c6a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 922 468f078b4995b1938c0e9c30e30a5bed http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 922 d4a99eca7eb5eb376469a5efb6110b8c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 918 7e403db8cb352fd478b4688799c698cb http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 926 c3d3650162f47fe9b0e29a06ce463c88 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 918 2bddb2c1e97e884ceddad53b64ff279a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 924 cb5cdc14903ebf23d767ba550bdcd4c8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 928 dbf1d0f139d4b742e9cebb9f99c0a036 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 904 187fc8bec7af42f4766f1ad5a10277e6 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 161642 574c0b1302e9910b7a9c5107c5707497 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2913252 e40882e692ce96e985e148b9f16f0f15 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3898540 33202e730e5c56147141faaebf82847e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 29659808 c9ed74c68ff6156ce8fdeb508de33a9d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 1843472 aae917b9fe346abaa627d8081356bf41 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 7917252 39a5e749a8f4ecdb5b1927768a610bbe http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 6868 553b433bcae329d6084c813091c76677 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 203334 0eb8696e36531bcee3a153f2eb3c5d0f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 565006 44f04addbf1dcd36803ca4e0cd02dee0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 190432 e1f9965db5f6ef06ab743b8be64544aa http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 289948 380839ccab4fcdcd31de3b80851e1b9e http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 581302 3e928db7120f1e1b016f17790836fad9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 4806794 59e3d4294ddce3f7f5336473d4e9c687 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 1842 4a8bde096f1f831996c1902308487647 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 98074 4d656853728c1c8c440f9bd319306491 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2913628 8f9fa0f35997c2a446d56dd669469c68 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3898936 5dd9efc26f03db775191d4dd1cd980e9 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 29721724 1096e93065e8d7c42e2d8f253b36449d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3868494 ee97d2313e619f9029dc3ee0c8f15f6a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 1843852 154ad78e6614e3e6b0a38da43f630793 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 80736 083700fcf6591aa9446e29056592135d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 7917434 62890e6e6ce8fcf4d12cacd7c0599eee http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3295438 d56747037be92398a920bbc43b1da27f http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 59602 e2979838b4fd99fbe38f72b741ffdb13 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 203620 c5afd011f9893d5aa2a36417a077549c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 565372 f0b9e550282b48edc8c86075b46bccbf http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 190632 f0c14b6cafc4cb163a0c83d81c0ef35a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 290326 e23db822a82ea5c44fc8a2edbeedc32a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 45468 00a1f0806865be3241e89614ad023187 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 582232 69c92092f368b4354f8cc5cb7e8324c0 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 4807200 73db23205c8be62b15ceed9d1ddd56fe http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 924 ea79c93cc69806d3ffb3a13f371cd77c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 1956 dc0c89f63d6b69c7ace0f5453bbe4a51 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 225236 74251de3f444feb8dd9ef433d608d2a8 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 98106 c560e61c023ef713d1c249e97694fe82 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3567684 62bb49ea59a06bb6977a10eb2e315486 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 4738488 8afc82f030335cbae08cb7ab153b909d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 34642866 44f5c9cad0926a67581e876e3557ed2a http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 4087020 e1e921302b31c78731c7d43c9f7c8d89 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 2075124 40c5dd596754ddd889d3c660d750667b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 96284 c9f6fc97be759ad055f27eeeb6f32b58 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 9322080 0ca15ef74eddfcedfa90204aa5a2e69b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 3980054 3b38cc0889e27d13cf515f50870efcb7 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 58816 e2ecfc2675751ee4f8e764394006c3bd http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 217474 792a2a985b54edd25423e8b5baeb35d1 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 716450 c785e7a62011199151409cd783ca4e93 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 204356 5b59e21e96da302c7b07779c2b50fd2b http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 314202 09f0ceda3702e69a0f26e7c51eb6ad2d http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 47548 31c3c1fcbf64af45a9fce73117f55418 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 596252 1887abd584136fc0cdf04b00d28300a8 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 5635688 a6493391cc463c7fe89e6118c366e512 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 930 5ecc22cd96f688c0c1668d2e4697335c http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 1958 113d0cf11bee7c7a8017996d533ef860 http://security.ubuntu.com/ubuntu/pool/main/o/openoffice.... Size/MD5: 230654 e2cae71d8b67754fc47bbc173c4f0ac6 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds