Summary: | x11-libs/goffice: (possible) automatic opening of embedded external data (CVE-2012-5639) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome-office+disabled, gnome |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=887416 | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 447378, 447380 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2012-12-15 18:31:25 UTC
@maintainer: ping. Your testing is greatly appreciated. The discussion for this bug is http://seclists.org/oss-sec/2012/q4/453 where CVE-2012-5639 was assigned. Although the initial bug report also mention {open,libre}office, this is being tracked in bug 447380. LibreOffice states this is fixed in 4.2 by introducing a stealth mode: http://whatofhow.wordpress.com/2013/12/02/stealth-mode/ (from https://bugs.freedesktop.org/show_bug.cgi?id=58295#c2 ) Input from goffice maintainers would be appreciated. |