Thomas Biege: A security vulnerability in HSQLDB, the default database engine shipped with OpenOffice.org, may allow a remote unprivileged user who provides a StarOffice database document that is opened by a local user to execute arbitrary Java code on the system with the privileges of the user running OpenOffice.org.
*** Bug 201338 has been marked as a duplicate of this bug. ***
public now. Openoffice herd, please provide an updated ebuild.
We have it in the tree.
Arches(In reply to comment #3) > We have it in the tree. > oops :) Arches, please test and mark stable ap-office/openoffice-2.3.1 (ppc x86) and app-office/openoffice-bin-2.3.1 (amd64 x86)
-bin stable for x86, source to come (in some hours, anyone else can do it meanwhile)
x86 stable
ppc stable
amd64 done
glsarequestfiled
Vulnerable ebuilds are gone from the tree
GLSA 200712-25, thanks everyone.
Does not affect current (2008.0) release. Removing release.