Bug 462639 (CVE-2008-2237)
Field | Value
---|---
Summary | CVE-2008-2237 OpenOffice.org WMF integer overflow
Product | [Other] Security Response
Component | vulnerability
Reporter | Josh Bressers <bressers>
Assignee | Red Hat Product Security <security-response-team>
Status | CLOSED ERRATA
Severity | medium
Priority | medium
Version | unspecified
CC | caolanm, dtardon, kreilly
Keywords | Security
Hardware | All
OS | Linux
Doc Type | Bug Fix
Last Closed | 2008-11-06 10:59:38 UTC
Bug Depends On | 462642, 462643, 462644, 462645, 462719, 462720, 462721

Description
Josh Bressers
2008-09-17 18:50:07 UTC
Caolan, do you have the upstream patch for this one? Thanks.

It looks like the OpenOffice.org 2.0.x branch and below do not support WMF files, hence they should not be affected by this flaw. It appears to have been added in 2.1.x somewhere.

Created attachment 317014
upstream's patch (original horrific patch format)

I'm not sure that 1.1.X and any particular 2.X.Y are unaffected? Looks like pretty much the same code as current.

I'm inclined to believe you if you say it affects 1.1.x and 2.x.y. I couldn't get them to open the WMF format.

Created attachment 317041
better patch format

Insert Picture->From File might have some success in handling a .wmf file on earlier versions

So it does. I'll file bugs for the various other versions of OOo we have. Thanks.

Public now via: http://www.openoffice.org/security/cves/CVE-2008-2237.html

Fixed upstream in 2.4.2.

openoffice.org-2.3.0-6.17.fc8 has been submitted as an update for Fedora 8.
http://admin.fedoraproject.org/updates/openoffice.org-2.3.0-6.17.fc8

openoffice.org-2.4.2-18.1.fc9 has been submitted as an update for Fedora 9.
http://admin.fedoraproject.org/updates/openoffice.org-2.4.2-18.1.fc9

openoffice.org-2.4.2-18.1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.

openoffice.org-2.3.0-6.17.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.

This issue was addressed in:

Red Hat Enterprise Linux:
http://rhn.redhat.com/errata/RHSA-2008-0939.html

Fedora:
https://admin.fedoraproject.org/updates/F8/FEDORA-2008-9333
https://admin.fedoraproject.org/updates/F9/FEDORA-2008-9313