Summary: | <app-office/libreoffice{,-bin}-{3.3.4,3.4.3},<app-office/openoffice-bin-3.4.0 out of bounds reading .doc files (CVE-2011-2713) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Chí-Thanh Christopher Nguyễn <chithanh> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.libreoffice.org/advisories/CVE-2011-2713/ | ||
See Also: | https://bugzilla.redhat.com/show_bug.cgi?id=725668 | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 409509 |
Description
Chí-Thanh Christopher Nguyễn
2011-10-07 14:53:18 UTC
libreoffice is clear of the affected versions (i just forgot to remove 3.3.3 which i did now). So just punt openoffice-bin or whatever you want to do with it... OpenOffice upstream is working on a fix. No ETA yet, though. When CVE-2011-2713 goes public and no fix exists, I will p.mask openoffice-bin. More information appears to be available, it is a DoS vulnerability. Adjusting summary and severity. Arches, please stabilize app-office/openoffice-bin-3.4.0 Target keywords: amd64 x86 ~amd64-linux ~x86-linux (In reply to comment #4) > Arches, please stabilize app-office/openoffice-bin-3.4.0 > > Target keywords: amd64 x86 ~amd64-linux ~x86-linux x86 stable amd64 ok amd64 stable Added to existing GLSA request. This issue was resolved and addressed in GLSA 201209-05 at http://security.gentoo.org/glsa/glsa-201209-05.xml by GLSA coordinator Sean Amoss (ackle). This issue was resolved and addressed in GLSA 201408-19 at http://security.gentoo.org/glsa/glsa-201408-19.xml by GLSA coordinator Kristian Fiskerstrand (K_F). |