From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------- Debian Security Advisory DSA-2055-1
[email protected] http://www.debian.org/security/ Nico Golde June 5th, 2010
http://www.debian.org/security/faq
- ---------------------------------------------------------------------------
Package : openoffice.org
Vulnerability : macro execution
Problem type : local
Debian-specific: no
Debian bug : none
CVE ID : CVE-2010-0395
It was discovered that OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft(R) Office, is
not properly handling python macros embedded in an office document. This allows an attacker to perform user-assisted execution of arbitrary code in certain use cases of the python macro viewer component.
For the stable distribution (lenny), this problem has been fixed in
version 1:2.4.1+dfsg-1+lenny7.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1:3.2.1-1.
We recommend that you upgrade your openoffice.org packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_2.4.1+dfsg-1+lenny7.diff.gz
Size/MD5 checksum: 84248691 303460980aafa6e25274e19936141525
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_2.4.1+dfsg-1+lenny7.dsc
Size/MD5 checksum: 9765 a9d2abd10d503c9604898718fb2ec366
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org_2.4.1+dfsg.orig.tar.gz
Size/MD5 checksum: 278867131 152a6c5b8e1b4e042ec027cca964e443
Architecture independent packages:
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ts_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 883940 e4cbb2b8e02fc642ae29c798ec791bb9
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-za_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 273094 00b30901c72f922aa1025b01b37ec66d
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-as-in_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 912172 319d9283834a2b01faaf0907332c0892
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-be-by_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 919634 f93aae7e20c3b3e384fca6348a063e8d
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-or-in_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 918488 360909fb743fc93a2963d27f40a65f2d
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ne_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 928934 86a54280824fe0bc7d3916d7f4a90481
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-nb_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 861364 401f38d95fd31c965c36a6eb9c94e7ea
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-help-ko_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 13369258 f9397808a0052a4d1ecf1942243b3775
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-report-builder_1.0.2+OOo2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 478178 33da757ec2dafc62b24c65d71a0feb5e
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-cy_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 854748 2264acfe40f87ee78c9d2855015c45fc
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-style-crystal_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 4130250 71da86b7faacb9f8259ea86d7e6004b2
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-help-da_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 13133458 0b83e78f91191e1632710a8085a3959d
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-help-eu_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 13278692 fdf09e9a1cbccbf8dd42b81600192e56
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-hr_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 880410 cfa65de6fe8521d18bdc5726cd2bd068
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-st_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 881756 e81995eacf22a1fd17f0d8c2b0a10e4b
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-ga_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 883448 21f16349ebf4294628c6f2c0dff32b1a
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-l10n-nl_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 2031040 671107f8a0dc18284231b7b42ffc4bb9
http://security.debian.org/pool/updates/main/o/openoffice.org/libuno-cli-basetypes1.0-cil_1.0.10.0+OOo2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 276786 14a799b05147d523c112812860edcee0
http://security.debian.org/pool/updates/main/o/openoffice.org/openoffice.org-style-industrial_2.4.1+dfsg-1+lenny7_all.deb
Size/MD5 checksum: 3713130 9fa7da6e041839d576b14c89c6cff6ae
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)