ELSA-2011-0181

ELSA-2011-0181 - openoffice.org security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2011-01-28

Description

openoffice.org
[1.1.5-10.7.10]
- Resolves: rhbz#642175 openoffice.org various flaws
- CVE-2010-4643 heap based buffer overflow when parsing TGA files

[1.1.5-10.7.8]
- Resolves: rhbz#642175 openoffice.org various flaws
- CVE-2010-3450 directory traversal flaws in handling of XSLT jar filter
descriptions and OXT extension files
- CVE-2010-3451 Array index error by insecure parsing of broken rtf
tables
- CVE-2010-3452 Integer signedness error (crash) by processing certain
RTF tags
- CVE-2010-3453 Heap-based buffer overflow by processing *.doc files
with WW8 list styles with specially-crafted count of list levels
- CVE-2010-3454 Array index error by scanning document typography
information of certain *.doc files

Related CVEs

CVE-2010-3450

CVE-2010-3451

CVE-2010-3452

CVE-2010-3453

CVE-2010-3454

CVE-2010-4643

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 4 (i386)	openoffice.org-1.1.5-10.7.el4_8.10.src.rpm	7f5b29d60055e8cdbd89ab16daa7792b	-
	openoffice.org-1.1.5-10.7.el4_8.10.i386.rpm	1744a8ae8ae65abe416506fa30285eac	-
	openoffice.org-i18n-1.1.5-10.7.el4_8.10.i386.rpm	c0100eb0ec6f8667cd51db18438a6462	-
	openoffice.org-kde-1.1.5-10.7.el4_8.10.i386.rpm	7b7bfc196456df7fb03e611df65f9e31	-
	openoffice.org-libs-1.1.5-10.7.el4_8.10.i386.rpm	f44a8124a8d85e223756c78ec1a4d668	-
Oracle Linux 4 (x86_64)	openoffice.org-1.1.5-10.7.el4_8.10.src.rpm	7f5b29d60055e8cdbd89ab16daa7792b	-
	openoffice.org-1.1.5-10.7.el4_8.10.i386.rpm	1744a8ae8ae65abe416506fa30285eac	-
	openoffice.org-i18n-1.1.5-10.7.el4_8.10.i386.rpm	c0100eb0ec6f8667cd51db18438a6462	-
	openoffice.org-libs-1.1.5-10.7.el4_8.10.i386.rpm	f44a8124a8d85e223756c78ec1a4d668	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team