[SECURITY] Fedora 12 Update: openoffice.org-3.1.1-19.32.fc12
updates at fedoraproject.org
updates at fedoraproject.org
Mon Jun 7 22:16:55 UTC 2010
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-9576
2010-06-07 20:39:19
--------------------------------------------------------------------------------
Name : openoffice.org
Product : Fedora 12
Version : 3.1.1
Release : 19.32.fc12
URL : http://www.openoffice.org/
Summary : OpenOffice.org comprehensive office suite.
Description :
OpenOffice.org is an Open Source, community-developed, multi-platform
office productivity suite. It includes the key desktop applications,
such as a word processor, spreadsheet, presentation manager, formula
editor and drawing program, with a user interface and feature set
similar to other office suites. Sophisticated and flexible,
OpenOffice.org also works transparently with a variety of file
formats, including Microsoft Office.
Usage: Simply type "ooffice" to run OpenOffice.org or select the
requested component (Writer, Calc, Impress, etc.) from your
desktop menu. On first start a few files will be installed in the
user's home, if necessary.
--------------------------------------------------------------------------------
Update Information:
A security vulnerability in OpenOffice.org, related to python scripting, might
lead to unexpected code execution when using the built-in scripting IDE for
exploring python code.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jun 5 2010 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.32
- Resolves: CVE-2010-0395 openoffice.org-3.2.1.pyuno.patch
- Resolves: rhbz#595718 workspace.mba33issues01.patch
- Resolves: rhbz#596980 workspace.vcl112.patch
* Wed May 19 2010 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.31
- Resolves: rhbz#593561 openoffice.org-3.3.0.ooo111699.svx.nullfield.patch
* Fri May 7 2010 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.30
- Resolves: rhbz#589883 openoffice.org-3.1.1.oooXXXXX.sw.ww8exportcrash.patch
* Tue Apr 27 2010 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.29
- Resolves: rhbz#574542 [abrt] crash in
slideshow::internal::EventMultiplexerImpl::forEachView<> (dtardon)
- Resolves: rhbz#579817 [abrt] crash in writePivotTable (caolanm)
- Resolves: rhbz#580694 [abrt] crash in SwDrawTextShell::Init (caolanm)
- Resolves: rhbz#580285 [abrt] crash in OutWW8_SwTextGrid (caolanm)
* Tue Mar 16 2010 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.28
- Resolves: rhbz#573654 fix unwanted "Red" translation (caolanm)
* Mon Mar 15 2010 Dennis Gilmore <dennis at ausil.us> - 1:3.1.1-19.27
- sparc needs --with-alloc=system (dennis)
- prelink is known to not work on sparc so dont run the checks to make sure it will work on sparc arches (dennis)
- fakeroot doesnt work on sparc64, fontpackages-devel requires rpmdevtools which requires fakeroot (dennis)
- ExcludeArch sparc64 for unresovleable deps (dennis)
- Resolves: rhbz#565519 add openoffice.org-3.2.0.ooo95369.sw.sortedobjs.patch (caolanm)
- Resolves: rhbz#566099 fix modal dialog exit in qstarter (caolanm)
- Resolves: rhbz#565906 don't crash on bad .svg in add to gallery (caolanm)
- Resolves: rhbz#564133 [abrt] crash in pdfi::(anonymous
namespace)::Parser::parseLine (dtardon)
- Resolves: rhbz#566586 setting OpenOffice to show changes in document
colored by author doesn't persist (dtardon)
- Resolves: rhbz#566990 handle unreadable .db files (caolanm)
- Resolves: rhbz#568655 add openoffice.org-3.2.0.ooo109743.svx.safedragdrop.patch (caolanm)
- Resolves: rhbz#570102 openoffice.org-3.2.0.ooo109766.dbaccess.catch.patch (caolanm)
- Resolves: rhbz#571100 fix .svg import crash (caolanm)
- Resolves: rhbz#571540 cannot select evolution addressbook as data source (caolanm)
* Fri Feb 12 2010 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.26
- CVE-2009-2950 GIF file parsing heap overflow (caolanm)
- CVE-2009-2949 integer overflow in XPM processing (caolanm)
- CVE-2009-3301 .doc Table Parsing vulernability (caolanm)
- CVE-2009-3302 .doc Table Parsing vulernability (caolanm)
- Resolves: rhbz#561778 openoffice.org-3.2.0.oooXXXXX.svx.safestyledelete.patch
- Resolves: rhbz#561989 openoffice.org-3.2.0.ooo109009.sc.tooltipcrash.patch
- Resolves: rhbz#445588 improve same name substitution
* Tue Feb 2 2010 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.25
- Resolves: rhbz#549890 add workspace.extmgr01.patch (dtardon)
- Resolves: rhbz#551983 OpenOffice writer crashes when opening document
with link in footnote (dtardon)
- Resolves: rhbz#550316 Openoffice.org Impress loses graphics when
background color is changed (dtardon)
- Resolves: rhbz#554259 No autocorrect files for Lithuanian (dtardon)
- Resolves: rhbz#553929 [abrt] crash in ColorConfigCtrl_Impl::ScrollHdl
(dtardon)
- Resolves: rhbz#549573 improve document compare (caolanm)
- Resolves: rbhz#555257 openoffice cannot use JPEG images using CMYK
colorspace (dtardon)
- Resolves: rhbz#558342 [abrt] crash in SvxNumOptionsTabPage::InitControls
(dtardon)
- Resolves: ooo#108637/rhbz#558253 sfx2 uisavedir (caolanm)
- Resolves: rhbz#560435 rtf dropcap crash (caolanm)
- Resolves: rhbz#560996/rhbz#560353 qstartfixes (caolanm)
* Tue Dec 22 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.24
- Resolves: rhbz#545824 bustage in writer with emboldened fonts
* Fri Dec 18 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.23
- Resolves: rhbz#548512 workspace.ooo32gsl03.patch
* Tue Dec 15 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.22
- Resolves: rhbz#529648 add workspace.fwk132.patch
- Resolves: rhbz#547176 add
openoffice.org-3.2.0.ooo47279.sd.objectsave.safe.patch
* Wed Dec 9 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.21
- Resolves: rhbz#544124 add openoffice.org-3.2.0.ooo106502.svx.fixspelltimer.patch
- Resolves: rhbz#544218 add openoffice.org-3.2.0.ooo107552.vcl.sft.patch
- Resolves: rhbz#545783 add workspace.vcl105.patch
* Fri Nov 27 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.20
- Resolves: rhbz#541222 add
openoffice.org-3.2.0.ooo107260.dtrans.clipboard.shutdown.patch (caolanm)
* Mon Nov 23 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.19
- Resolves: rhbz#540379/ooo#107131 impress tabledrag crash
- Resolves: rhbz#540231 add openoffice.org-3.2.0.oooXXXXX.canvas.fixcolorspace.patch
- add openoffice.org-4.2.0.ooo107151.sc.pop-empty-cell.patch (dtardon)
- Resolves: rhbz#533538 OpenOffice keyboard shortcuts mis-map in the
Spanish localized version of OOo (caolanm)
* Tue Nov 17 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.18
- Resolves: ooo#59648 sw .doc export scaling (caolanm)
* Tue Nov 10 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.17
- Resolves: rhbz#533841 ooo#105710 svx loadstorenumbering (caolanm)
* Thu Nov 5 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.16
- Resolves: ooo#106523 fix pdf/A export on x86_64 (caolanm)
* Thu Nov 5 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-19.15
- Resolves: ooo#106497 language marked as providing spellchecking when
unavailable (caolanm)
- Resolves: rhbz#532330 openoffice impress doesn't recognise .ogv
files as video (dtardon)
- Resolves: rhbz#533146 calc notes go missing on save (caolanm)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #574119 - CVE-2010-0395 openoffice.org Execution of Python code when browsing macros
https://bugzilla.redhat.com/show_bug.cgi?id=574119
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update openoffice.org' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list