Advisory: http://www.securityfocus.com/bid/13092/ Fedora Core 3 update: http://www.redhat.com/archives/fedora-announce-list/2005-April/msg00027.html An attacker may exploit this issue by crafting a malformed .doc file and enticing a user to open this file with the affected application. If a vulnerable user opens this file in OpenOffice, the application may crash due to memory corruption. This issue may also be leveraged to execute arbitrary code in the context of the user running OpenOffice. Filing this for Fedora Core 2; seems like it probably also affects FC1 and RHL9. (For those releases, also see bug #152784 (CAN-2004-0752) which is already fixed for FC2. The (pre-update) FC3 package and FC2 package are basically identical; we should be able to just rebuild the FC3 package to make our update.
I actually have FC2 packages that I pushed through Beehive right before the cutoff date happened. I'd be happy to post them somewhere, since I was just about to push them to fc2-updates anyway right when the cutoff came around.
packages for FC2 are here: http://people.redhat.com/dcbw/ooo/
Thanks Dan!
Packages were pushed to updates-testing.
fc2: openoffice.org-1.1.3-11.4.0.fc2 packages were downloaded into a temporary directory, checked with rpm -K openoffice*, and installed without any exceptions or difficulty. In turn, openoffice.org calc, draw, impress, and writer were opened and used without encountering any exceptions. Project management and Math were opened and closed, but not used. Tests performed included the following. WRITER: 1. A new document was created and saved in native oo.o format. Writer was closed, reopened and the newly created writer document was opened and closed without exception or error. 2. A pre-existing native oo.o format document containing both text and tables imported from oo.o calc was loaded, edited slightly and saved without error. 3. A pre-existing .doc file was opened and saved in native oo.o format, as .pdf, as .rtf, and as .html. All created documents were subsequently opened with oo.o. The .rtf document was also opened with abiword, the .html document was opened with Konqueror, and the .pdf document was opened with PDF Viewer. CALC: 1. A pre-existing .xls spreadsheet document of greater size than oo.o can process was opened. oo.o continued running, advising the user that rows in excess of oo.o capacity were not imported. (Unexpected outcome: Loading of this spreadsheet file seemed a bit faster than I remembered from earlier versions of oo.o.) 2. A new spreadsheet was created using test data and four of the more simple built-in statistical functions. No errors or exceptions encountered. 3. Several existing .xls files containing table lookups, mutiple coloring of text, statistical functions, relatively sophisticated formating were successfully opened without observing any indications that formating had changed or that functions used were not accurately supported. DRAW, IMPRESS: 1. Simple new documents were created and saved. Oo.o was closed, reopened and the newly created documents were reopened without error. +verify
Released to updates