Secunia has published an advisory regarding flaws in gnumeric's XLS parser:

http://secunia.com/advisories/28725/

Quoting the advisory:

The vulnerability is caused due to integer overflows and signedness errors when processing XLS HLINK opcodes within the "excel_read_HLINK()" function in plugins/excel/ms-excel-read.c. This can be exploited to corrupt the stack via a specially crafted XLS file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.6.3. Versions prior to 1.8.1 may also be affected.

Described issue should be fixed in upstream version 1.8.1.

References:
http://bugzilla.gnome.org/show_bug.cgi?id=505330
http://www.gnome.org/projects/gnumeric/announcements/1.8/gnumeric-1.8.1.shtml

Patch as committed to upstream SVN:
http://svn.gnome.org/viewvc/gnumeric/trunk/plugins/excel/ms-excel-read.c?r1=16237&r2=16280
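The kind of length check the advisory's "integer overflows and signedness errors" refers to, as an added example that is neither gnumeric's code nor the upstream patch. The field layout (a 4-byte little-endian character count followed by 2-byte characters), the function names and the sample bytes are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed field layout (not taken from gnumeric): 4-byte little-endian
 * character count, then count * 2 bytes of UTF-16 data.
 * Constructed samples: a valid field, count 0xFFFFFFFF, count 0x80000001. */
const uint8_t sample_good[8] = {0x02, 0, 0, 0, 'h', 0, 'i', 0};
const uint8_t sample_neg[8]  = {0xFF, 0xFF, 0xFF, 0xFF, 'h', 0, 'i', 0};
const uint8_t sample_wrap[8] = {0x01, 0, 0, 0x80, 'h', 0, 'i', 0};

static uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Flawed check, for contrast: the count is signed and only an upper bound
 * is tested, so 0xFFFFFFFF reads as -1 and passes. */
int unsafe_len_ok(const uint8_t *rec, size_t rec_len) {
    int32_t count;
    if (rec_len < 4) return 0;
    count = (int32_t)read_le32(rec);
    return count <= (int32_t)((rec_len - 4) / 2);
}

/* Hardened: unsigned count, compared by division so count * 2 cannot wrap,
 * then checked against the destination size before any copy. */
int copy_field(const uint8_t *rec, size_t rec_len,
               uint8_t *dst, size_t dst_len, size_t *copied) {
    uint32_t count;
    if (rec_len < 4) return -1;
    count = read_le32(rec);
    if (count > (rec_len - 4) / 2) return -1;   /* longer than the record */
    if (count > dst_len / 2) return -1;         /* longer than the buffer */
    *copied = (size_t)count * 2;
    memcpy(dst, rec + 4, *copied);
    return 0;
}

int main(void) {
    uint8_t dst[16];
    size_t n = 0;
    int rejected = copy_field(sample_neg, 8, dst, sizeof dst, &n);
    int accepted = copy_field(sample_good, 8, dst, sizeof dst, &n);
    printf("unsafe=%d hardened=%d valid=%d (%zu bytes)\n",
           unsafe_len_ok(sample_neg, 8), rejected, accepted, n);
    return 0;
}
```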
gnumeric-1.6.3-14.fc8 has been submitted as an update for Fedora 8
gnumeric-1.6.3-14.fc7 has been submitted as an update for Fedora 7
gnumeric-1.6.3-14.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
gnumeric-1.6.3-14.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This was addressed in:
https://admin.fedoraproject.org/updates/F7/FEDORA-2008-1313
https://admin.fedoraproject.org/updates/F8/FEDORA-2008-1403