Bug 175260

Summary: koffice, kpdf multiple vulnerabilities (CAN-2005-3191, CAN-2005-3192, CAN-2005-3193)
Product: [Fedora] Fedora Reporter: Ville Skyttä <scop>
Component: kofficeAssignee: Andreas Bierfert <andreas.bierfert>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: high    
Version: 4CC: extras-qa, rdieter, than
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://www.kde.org/info/security/advisory-20051207-1.txt
Whiteboard:
Fixed In Version: 1.4.2-2 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-01-03 08:38:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
updated advisory none

Description Ville Skyttä 2005-12-08 10:39:33 UTC 
More info and links to patches at
http://www.kde.org/info/security/advisory-20051207-1.txt
Comment 1 Andreas Bierfert 2005-12-13 11:34:09 UTC 
Build for fc4
Comment 2 Rex Dieter 2005-12-20 15:49:34 UTC 
FYI, advisory was re-issued with new patches:
http://www.kde.org/info/security/advisory-20051207-2.txt

Please include the (full) URL to the advisory.txt, patch, as well as patch's
.asc signature in the specfile/srpm as well.
Comment 3 Rex Dieter 2005-12-20 15:54:10 UTC 
Nevermind, looks like that -2.txt doesn't exist yet, but has been distributed to
kde packagers only (atm), but the patches are new(er).
Comment 4 Rex Dieter 2005-12-20 16:08:07 UTC 
Created attachment 122450 [details]
updated advisory
Comment 5 Rex Dieter 2005-12-20 16:09:33 UTC 
marking private to Fedora Project Contributors (for now).
Comment 6 Andreas Bierfert 2005-12-20 16:31:37 UTC 
[05:33 PM][awjb@alkaid ~/cvs/fedora/extras/rpms/koffice]$ diff
post-1.3-koffice-CAN-2005-3193.diff FC-4/koffice-CAN-2005-3193.diff 
[05:34 PM][awjb@alkaid ~/cvs/fedora/extras/rpms/koffice]$

seems like the patch is the same that is in the tree for FC-4 and devel (both
have been build an published...)
Comment 7 Andreas Bierfert 2005-12-31 08:40:33 UTC 
Rex could you comment on this? Either this is already fixed or I need more info...
Comment 8 Rex Dieter 2006-01-02 12:47:14 UTC 
Simply verify that you have the latest version of the patch (since it had been
updated since original publication).
Comment 9 Andreas Bierfert 2006-01-03 08:38:52 UTC 
Verified. Closing.