Summary: | <app-office/openoffice-{3.2.1-r1,bin-3.3.0}: Two Heap Overflows in OpenOffice Impress (CVE-2010-{2935,2936}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | jaak |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 345309 | ||
Bug Blocks: |
Description
Tim Sammut (RETIRED)
2010-08-11 18:19:29 UTC
CVEs assigned.

> A, an integer truncation error, leading to heap-based buffer overflow when
> processing dictionary property items of the input *.ppt file: CVE-2010-2935
>
> B, a short integer overflow, leading to heap-based buffer overflow,
> when processing *.ppt document with too big polygons CVE-2010-2936

Sorry for being awfully late on this. Anyway: This is fixed now in openoffice-3.2.1-r1

For openoffice-bin we have to wait for 3.3.0 unfortunately... Nothing we can do here

@openoffice, can we stabilize =app-office/openoffice-bin-3.3.0?

(In reply to comment #3)
> @openoffice, can we stabilize =app-office/openoffice-bin-3.3.0?

It's still a bit new in the tree, but not one single bug has been filed against it until now. Also -bin updates are usually pretty uncomplicated. So I would say: Yes.

(In reply to comment #4)
> So I would say: Yes.

Great, thank you.

Arches, please test and mark stable:
=app-office/openoffice-bin-3.3.0
Target keywords : "amd64 x86"

amd64 installed fine

x86 stable

amd64 done. Thanks Agostino

Thanks, again everyone. Added to existing GLSA request.

This issue was resolved and addressed in GLSA 201408-19 at http://security.gentoo.org/glsa/glsa-201408-19.xml by GLSA coordinator Kristian Fiskerstrand (K_F).