--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2008-9313
2008-10-31 08:44:46
--------------------------------------------------------------------------------Name        : openoffice.org
Product     : Fedora 9
Version     : 2.4.2
Release     : 18.1.fc9
URL         : http://www.openoffice.org/
Summary     : OpenOffice.org comprehensive office suite.
Description :
OpenOffice.org is an Open Source, community-developed, multi-platform
office productivity suite.  It includes the key desktop applications,
such as a word processor, spreadsheet, presentation manager, formula
editor and drawing program, with a user interface and feature set
similar to other office suites.  Sophisticated and flexible,
OpenOffice.org also works transparently with a variety of file
formats, including Microsoft Office.

Usage: Simply type "ooffice" to run OpenOffice.org or select the
requested component (Writer, Calc, Impress, etc.) from your
desktop menu. On first start a few files will be installed in the
user's home, if necessary.

--------------------------------------------------------------------------------Update Information:

Security update to address  - CVE-2008-2237: Manipulated WMF files  -CVE-2008-2238: Manipulated EMF files  as described at
http://www.openoffice.org/security/bulletin.html
--------------------------------------------------------------------------------ChangeLog:

* Wed Oct 29 2008 Caolan McNamara  - 1:2.4.2-18.1
- Resolves: ooo#94495 Toggle weblayout/normal layout and notes
- Resolves: rhbz#465792 openoffice.org-2.4.1.ooo81576.vcl.fixscale.patch
- Resolves: rhbz#468336 openoffice.org-3.0.0.ooo95533.sw.safertableexport.patch
- CVE-2008-2237: Manipulated WMF files
- CVE-2008-2238: Manipulated EMF files
* Tue Aug 26 2008 Caolan McNamara  - 1:2.4.1-17.6
- Resolves: CVE-2008-3282 numeric truncation error in OOo memory allocator
- add openoffice.org-2.4.0.ooo93119.shell.echos.patch
* Wed Jul 23 2008 Caolan McNamara  - 1:2.4.1-17.5
- Resolves: rhbz#452376 backport workspace.locdat30.patch for Serbian
- Resolves: rhbz#452376 update Serbian translations
- Resolves: rhbz#452379 extend Serbian translations
- Resolves: rhbz#452374 add openoffice.org-3.0.0.ooo86142.serbiannumbering.patch
- Resolves: rhbz#452385 add postgress-jdbc to default classpath
- Resolves: rhbz#456292 openoffice.org-3.0.0.ooo92026.sd.disposed_during_disposing.patch
- Resolves: rhbz#457193 openoffice.org-3.0.0.ooo92253.dbaccess.a11y.crash
- Resolves: rhbz#457303 notes related right click in empty space crash
- rhbz#455711 add openoffice.org-3.0.0.ooo92343.svtools.strangethrow.patch
* Fri Jun 13 2008 Caolan McNamara  - 1:2.4.1-17.4
- Resolves: rhbz#451485 fix vertical glyphs
- Resolves: rhbz#450661 openoffice.org-3.0.0.ooo90306.sw.wrongprotection.patch
- Resolves: rhbz#448464 openoffice.org-3.0.0.ooo48400.svx.fixspelling.patch
- Resolves: rhbz#450930 openoffice.org-3.0.0.ooo90697.sd.a11ycrash.patch
* Fri Jun  6 2008 Caolan McNamara  - 1:2.4.1-17.3
- remove pointless "register" dialog request
- Resolves: rhbz#450212 openoffice.org-3.0.0.ooo82545.np_sdk.x86_64.patch
* Tue Jun  3 2008 Caolan McNamara  - 1:2.4.1-17.2
- filter out -fasynchronous-unwind-tables because it doesn't work with -Os
  on i386
- Resolves: rhbz#448553 openoffice.org-3.0.0.ooo90037.vcl.cairotransforms.patch
* Sun Jun  1 2008 Caolan McNamara  - 1:2.4.1-17.1
- Resolves: rhbz#445588 add openoffice.org-3.0.0.ooo87970.vcl.samenamesubs.patch
- drop integrated openoffice.org-2.3.1.ooo81307.sw.word2.patch
- drop integrated workspace.os114.patch
* Thu May 22 2008 Caolan McNamara  - 1:2.4.0-12.10
- rebuild
- Resolves: rhbz#447199 add workspace.impress138.patch
- Resolves: rhbz#447212 nostrict-aliasing is broken gcc#36187
* Mon May 12 2008 Caolan McNamara  - 1:2.4.0-12.9
- Resolves: rhbz#444571 add openoffice.org-3.0.0.ooo88090.chart2.negativecount.patch
- Resolves: rhbz#445318 fix notes related crash
- Resolves: rhbz#445953 backport 2.4.1 ww8 bidi digit fixes
- Resolves: rhbz#446005 there's something very wrong here, but every
  attempt to isolate it makes it go away
- add openoffice.org-3.0.0.ooo89002.vcl.symbolfonts.patch
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #462639 - CVE-2008-2237 OpenOffice.org WMF integer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=462639
  [ 2 ] Bug #466528 - CVE-2008-2238 OpenOffice.org multiple EMF buffer overflows
        https://bugzilla.redhat.com/show_bug.cgi?id=466528
--------------------------------------------------------------------------------This update can be installed with the "yum" update program.  Use 
su -c 'yum update openoffice.org' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 9 Update: openoffice.org-2.4.2-18.1.fc9

October 31, 2008
Security update to address - CVE-2008-2237: Manipulated WMF files -CVE-2008-2238: Manipulated EMF files as described at http://www.openoffice.org/security/bulletin.html

Summary

OpenOffice.org is an Open Source, community-developed, multi-platform

office productivity suite. It includes the key desktop applications,

such as a word processor, spreadsheet, presentation manager, formula

editor and drawing program, with a user interface and feature set

similar to other office suites. Sophisticated and flexible,

OpenOffice.org also works transparently with a variety of file

formats, including Microsoft Office.

Usage: Simply type "ooffice" to run OpenOffice.org or select the

requested component (Writer, Calc, Impress, etc.) from your

desktop menu. On first start a few files will be installed in the

user's home, if necessary.

Security update to address - CVE-2008-2237: Manipulated WMF files -CVE-2008-2238: Manipulated EMF files as described at

http://www.openoffice.org/security/bulletin.html

* Wed Oct 29 2008 Caolan McNamara - 1:2.4.2-18.1

- Resolves: ooo#94495 Toggle weblayout/normal layout and notes

- Resolves: rhbz#465792 openoffice.org-2.4.1.ooo81576.vcl.fixscale.patch

- Resolves: rhbz#468336 openoffice.org-3.0.0.ooo95533.sw.safertableexport.patch

- CVE-2008-2237: Manipulated WMF files

- CVE-2008-2238: Manipulated EMF files

* Tue Aug 26 2008 Caolan McNamara - 1:2.4.1-17.6

- Resolves: CVE-2008-3282 numeric truncation error in OOo memory allocator

- add openoffice.org-2.4.0.ooo93119.shell.echos.patch

* Wed Jul 23 2008 Caolan McNamara - 1:2.4.1-17.5

- Resolves: rhbz#452376 backport workspace.locdat30.patch for Serbian

- Resolves: rhbz#452376 update Serbian translations

- Resolves: rhbz#452379 extend Serbian translations

- Resolves: rhbz#452374 add openoffice.org-3.0.0.ooo86142.serbiannumbering.patch

- Resolves: rhbz#452385 add postgress-jdbc to default classpath

- Resolves: rhbz#456292 openoffice.org-3.0.0.ooo92026.sd.disposed_during_disposing.patch

- Resolves: rhbz#457193 openoffice.org-3.0.0.ooo92253.dbaccess.a11y.crash

- Resolves: rhbz#457303 notes related right click in empty space crash

- rhbz#455711 add openoffice.org-3.0.0.ooo92343.svtools.strangethrow.patch

* Fri Jun 13 2008 Caolan McNamara - 1:2.4.1-17.4

- Resolves: rhbz#451485 fix vertical glyphs

- Resolves: rhbz#450661 openoffice.org-3.0.0.ooo90306.sw.wrongprotection.patch

- Resolves: rhbz#448464 openoffice.org-3.0.0.ooo48400.svx.fixspelling.patch

- Resolves: rhbz#450930 openoffice.org-3.0.0.ooo90697.sd.a11ycrash.patch

* Fri Jun 6 2008 Caolan McNamara - 1:2.4.1-17.3

- remove pointless "register" dialog request

- Resolves: rhbz#450212 openoffice.org-3.0.0.ooo82545.np_sdk.x86_64.patch

* Tue Jun 3 2008 Caolan McNamara - 1:2.4.1-17.2

- filter out -fasynchronous-unwind-tables because it doesn't work with -Os

on i386

- Resolves: rhbz#448553 openoffice.org-3.0.0.ooo90037.vcl.cairotransforms.patch

* Sun Jun 1 2008 Caolan McNamara - 1:2.4.1-17.1

- Resolves: rhbz#445588 add openoffice.org-3.0.0.ooo87970.vcl.samenamesubs.patch

- drop integrated openoffice.org-2.3.1.ooo81307.sw.word2.patch

- drop integrated workspace.os114.patch

* Thu May 22 2008 Caolan McNamara - 1:2.4.0-12.10

- rebuild

- Resolves: rhbz#447199 add workspace.impress138.patch

- Resolves: rhbz#447212 nostrict-aliasing is broken gcc#36187

* Mon May 12 2008 Caolan McNamara - 1:2.4.0-12.9

- Resolves: rhbz#444571 add openoffice.org-3.0.0.ooo88090.chart2.negativecount.patch

- Resolves: rhbz#445318 fix notes related crash

- Resolves: rhbz#445953 backport 2.4.1 ww8 bidi digit fixes

- Resolves: rhbz#446005 there's something very wrong here, but every

attempt to isolate it makes it go away

- add openoffice.org-3.0.0.ooo89002.vcl.symbolfonts.patch

[ 1 ] Bug #462639 - CVE-2008-2237 OpenOffice.org WMF integer overflow

https://bugzilla.redhat.com/show_bug.cgi?id=462639

[ 2 ] Bug #466528 - CVE-2008-2238 OpenOffice.org multiple EMF buffer overflows

https://bugzilla.redhat.com/show_bug.cgi?id=466528

su -c 'yum update openoffice.org' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2008-9313 2008-10-31 08:44:46 Product : Fedora 9 Version : 2.4.2 Release : 18.1.fc9 URL : http://www.openoffice.org/ Summary : OpenOffice.org comprehensive office suite. Description : OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. Usage: Simply type "ooffice" to run OpenOffice.org or select the requested component (Writer, Calc, Impress, etc.) from your desktop menu. On first start a few files will be installed in the user's home, if necessary. Security update to address - CVE-2008-2237: Manipulated WMF files -CVE-2008-2238: Manipulated EMF files as described at http://www.openoffice.org/security/bulletin.html * Wed Oct 29 2008 Caolan McNamara - 1:2.4.2-18.1 - Resolves: ooo#94495 Toggle weblayout/normal layout and notes - Resolves: rhbz#465792 openoffice.org-2.4.1.ooo81576.vcl.fixscale.patch - Resolves: rhbz#468336 openoffice.org-3.0.0.ooo95533.sw.safertableexport.patch - CVE-2008-2237: Manipulated WMF files - CVE-2008-2238: Manipulated EMF files * Tue Aug 26 2008 Caolan McNamara - 1:2.4.1-17.6 - Resolves: CVE-2008-3282 numeric truncation error in OOo memory allocator - add openoffice.org-2.4.0.ooo93119.shell.echos.patch * Wed Jul 23 2008 Caolan McNamara - 1:2.4.1-17.5 - Resolves: rhbz#452376 backport workspace.locdat30.patch for Serbian - Resolves: rhbz#452376 update Serbian translations - Resolves: rhbz#452379 extend Serbian translations - Resolves: rhbz#452374 add openoffice.org-3.0.0.ooo86142.serbiannumbering.patch - Resolves: rhbz#452385 add postgress-jdbc to default classpath - Resolves: rhbz#456292 openoffice.org-3.0.0.ooo92026.sd.disposed_during_disposing.patch - Resolves: rhbz#457193 openoffice.org-3.0.0.ooo92253.dbaccess.a11y.crash - Resolves: rhbz#457303 notes related right click in empty space crash - rhbz#455711 add openoffice.org-3.0.0.ooo92343.svtools.strangethrow.patch * Fri Jun 13 2008 Caolan McNamara - 1:2.4.1-17.4 - Resolves: rhbz#451485 fix vertical glyphs - Resolves: rhbz#450661 openoffice.org-3.0.0.ooo90306.sw.wrongprotection.patch - Resolves: rhbz#448464 openoffice.org-3.0.0.ooo48400.svx.fixspelling.patch - Resolves: rhbz#450930 openoffice.org-3.0.0.ooo90697.sd.a11ycrash.patch * Fri Jun 6 2008 Caolan McNamara - 1:2.4.1-17.3 - remove pointless "register" dialog request - Resolves: rhbz#450212 openoffice.org-3.0.0.ooo82545.np_sdk.x86_64.patch * Tue Jun 3 2008 Caolan McNamara - 1:2.4.1-17.2 - filter out -fasynchronous-unwind-tables because it doesn't work with -Os on i386 - Resolves: rhbz#448553 openoffice.org-3.0.0.ooo90037.vcl.cairotransforms.patch * Sun Jun 1 2008 Caolan McNamara - 1:2.4.1-17.1 - Resolves: rhbz#445588 add openoffice.org-3.0.0.ooo87970.vcl.samenamesubs.patch - drop integrated openoffice.org-2.3.1.ooo81307.sw.word2.patch - drop integrated workspace.os114.patch * Thu May 22 2008 Caolan McNamara - 1:2.4.0-12.10 - rebuild - Resolves: rhbz#447199 add workspace.impress138.patch - Resolves: rhbz#447212 nostrict-aliasing is broken gcc#36187 * Mon May 12 2008 Caolan McNamara - 1:2.4.0-12.9 - Resolves: rhbz#444571 add openoffice.org-3.0.0.ooo88090.chart2.negativecount.patch - Resolves: rhbz#445318 fix notes related crash - Resolves: rhbz#445953 backport 2.4.1 ww8 bidi digit fixes - Resolves: rhbz#446005 there's something very wrong here, but every attempt to isolate it makes it go away - add openoffice.org-3.0.0.ooo89002.vcl.symbolfonts.patch [ 1 ] Bug #462639 - CVE-2008-2237 OpenOffice.org WMF integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=462639 [ 2 ] Bug #466528 - CVE-2008-2238 OpenOffice.org multiple EMF buffer overflows https://bugzilla.redhat.com/show_bug.cgi?id=466528 su -c 'yum update openoffice.org' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 9
Version : 2.4.2
Release : 18.1.fc9
URL : http://www.openoffice.org/
Summary : OpenOffice.org comprehensive office suite.

Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved