--===============0150515602==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
 boundary="zCKi3GIZzVBPywwA"
Content-Disposition: inline


--zCKi3GIZzVBPywwA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-202-1	   October 12, 2005
koffice vulnerability
CAN-2005-2971
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

koffice-libs
kword

The problem can be corrected by upgrading the affected package to
version 1:1.3.5-2ubuntu1.1.  After a standard system upgrade you need
to restart all KOffice applications to effect the necessary changes.

Details follow:

Chris Evans discovered a buffer overflow in the RTF import module of
KOffice. By tricking a user into opening a specially-crafted RTF file,
an attacker could exploit this to execute arbitrary code with the
privileges of the AbiWord user.

  Source archives:

    koffice_1.3.5-2ubuntu1.1.diff.gz
      Size/MD5:     8816 85d465e2669a24b0019233221a0e15fd
    koffice_1.3.5-2ubuntu1.1.dsc
      Size/MD5:      999 2eaa86d2bee10bad8d0b34ed2e60d336
    koffice_1.3.5.orig.tar.gz
      Size/MD5: 13154501 2c9b45ecbf16a8c5d16ce9d2f51c2571

  Architecture independent packages:

    kivio-data_1.3.5-2ubuntu1.1_all.deb
      Size/MD5:   615280 b84003db4ad4625b7266b479eaf1d50c
    koffice-data_1.3.5-2ubuntu1.1_all.deb
      Size/MD5:   684630 3275891bff107e56d00e13687eea0e22
    koffice-doc-html_1.3.5-2ubuntu1.1_all.deb
      Size/MD5:   305362 3edd7173b3597eec1b25a5308b509328
    koffice_1.3.5-2ubuntu1.1_all.deb
      Size/MD5:    13502 77d6fdda1ad2093ab9e0b45fcf5c8046

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    karbon_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:   854530 fbb920f93b00e7c84c789f514f24773a
    kchart_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:   673748 b7c436b6086dde8aaaed316bc52a607c
    kformula_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:   693330 f1cf7350e87e566692db888c75fcca14
    kivio_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:   583362 ec86ad4dbf9edc7a04341d62639e5afd
    koffice-dev_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:   147476 83ba665bb66e17484c3857c34001b3ec
    koffice-libs_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:  2134962 cff8c010e89c59855294a53e9dca965c
    koshell_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:    51192 bce62ed710af795af1727d2f01b1d02d
    kpresenter_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:  2536672 3b9a038cd580d80fdf4cc046f77154cd
    kspread_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:  1754694 aab82c7ab4b5fb646dd26abfd730c9d9
    kugar_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:   551772 762fdef125636d9272ba1945d7f2ed85
    kword_1.3.5-2ubuntu1.1_amd64.deb
      Size/MD5:  3591006 cefbf03ef13b678400082e75786881d6

  i386 architecture (x86 compatible Intel/AMD)

    karbon_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:   778648 254467d67814c5ccf9cc1e3ebf65cb09
    kchart_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:   660210 019389de3b7e2d12b0618caccf49a3cb
    kformula_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:   689214 fe8b796c71500cfe3a51867ed7689ac7
    kivio_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:   541344 1103a760575623d236a45f5d79ca4e6b
    koffice-dev_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:   147474 d7641c10c832e4b6e92b86bb4202e058
    koffice-libs_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:  1994548 72fadda393d3905eb81487c3e993e98f
    koshell_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:    48998 aae5d22d053d2fde95ee844262b5ae32
    kpresenter_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:  2503204 5114895616ae77175c1fad011a5da104
    kspread_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:  1668520 04f4ad391680010fc843f27faceacbff
    kugar_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:   533270 cc9ed083427380bac4a6dcff86933f24
    kword_1.3.5-2ubuntu1.1_i386.deb
      Size/MD5:  3452150 6dbb03a9966d8ccd975e4784acf46bd8

  powerpc architecture (Apple Macintosh G3/G4/G5)

    karbon_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:   826906 f7cbe8e0113ccf1b76e515a715f918a8
    kchart_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:   651168 655d47e3d8cabf6c54f51abaf3554a23
    kformula_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:   690552 cfe8035a78d467c60b435a95a31aed3b
    kivio_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:   554944 5ca771ac6b28b04e8519bc2c3b87e71b
    koffice-dev_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:   147478 56ab71652516e78b4c98b496a33f5b52
    koffice-libs_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:  2022892 133bf90bb269bafb453d3da968e892eb
    koshell_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:    51450 0024c535dafa26d19f417f8965154bc5
    kpresenter_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:  2479510 ebc3269b6416598a5425d11146ffcca2
    kspread_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:  1663382 9729c91b3c63d5ed36fe1523706a809d
    kugar_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:   533568 cc0dda08cb91cf0bc2d12f447072c803
    kword_1.3.5-2ubuntu1.1_powerpc.deb
      Size/MD5:  3491862 dcd9768e9ab6d04c28dbe7b5f987891b

--zCKi3GIZzVBPywwA
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDTLkiDecnbV4Fd/IRAmefAJ9tZ5xIn2WQbPq+A3H0KRG2oRVEEQCgngvu
tuEuCky/Ou4XCjeAsI/OY9Y=
=ITUJ
-----END PGP SIGNATURE-----

--zCKi3GIZzVBPywwA--


--===============0150515602==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============0150515602==--