Package: openoffice.org Version: 1.1.3-7 Severity: grave Tags: security patch Justification: user security hole
Recently, SecurityFocus announced a vulnerability in OpenOffice version 1.1.4 and all prior versions. (http://www.securityfocus.com/archive/1/395516) This allows a mallicous DOC file to execute arbatrary code as the user running openoffice. A patch has been posted for version 1.1.4, but no patch exists for 1.1.3- users are recomended to upgrade. See http://download.openoffice.org/1.1.4/security_patch.html for details and the patch provided. - -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.29-1-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages openoffice.org depends on: ii dictionaries-common [openoffi 0.24.10 Common utilities for spelling dict ii openoffice.org-bin 1.1.3-7 OpenOffice.org office suite binary ii openoffice.org-debian-files 1.1.3-5+1 Debian specific parts of OpenOffic ii openoffice.org-l10n-en [openo 1.1.3-7 English (US) language package for ii ttf-opensymbol 1.1.3-7 The OpenSymbol TrueType font -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]