drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zahlenüberläufe in LibreOffice
Name: |
Zahlenüberläufe in LibreOffice |
|
ID: |
USN-1495-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 11.04, Ubuntu 11.10 |
|
Datum: |
Di, 3. Juli 2012, 08:14 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2334 |
|
Applikationen: |
LibreOffice |
|
Originalnachricht |
--===============0072592580853406008== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-z6EIf0h8VwN35piCBLL0"
--=-z6EIf0h8VwN35piCBLL0 Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1495-1 July 02, 2012
libreoffice, libreoffice-l10n vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10 - Ubuntu 11.04
Summary:
LibreOffice could be made to crash or potentially run programs as your login if it opened a specially crafted file.
Software Description: - libreoffice: Office productivity suite - libreoffice-l10n: Office productivity suite help
Details:
Integer overflows were discovered in the graphics loading code of several different image types. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-1149)
Sven Jacobi discovered an integer overflow when processing Escher graphics records. If a user were tricked into opening a specially crafted PowerPoint file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2012-2334)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: libreoffice-core 1:3.4.4-0ubuntu1.2 libreoffice-l10n-common 1:3.4.4-0ubuntu1.2
Ubuntu 11.04: libreoffice-core 1:3.3.4-0ubuntu1.2 libreoffice-l10n-common 1:3.3.3-1ubuntu1.2
After a standard system update you need to restart LibreOffice to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1495-1 CVE-2012-1149, CVE-2012-2334
Package Information: https://launchpad.net/ubuntu/+source/libreoffice/1:3.4.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice-l10n/1:3.4.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice/1:3.3.4-0ubuntu1.2 https://launchpad.net/ubuntu/+source/libreoffice-l10n/1:3.3.3-1ubuntu1.2
--Ó6EIf0h8VwN35piCBLL0 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJP8lGAAAoJEFHb3FjMVZVzNgUP+gJdfOfeZm574CgE6x+2YFVv R7Dh1+jYpVGjBbrITIEZVLeikjycSyqhuRGwVFgFO5OaNMpQuva5UjLObqvDQTxQ hePHlVx8mf+Mju6xhwi1C8Hz6MeqdjIEpr71Qdq6L/W1CEXaTHrnWKktEtDp8xjx EK5eXtSo/7dYH9Ym8+HlnvPsBbfWJiHqFmuQZDw+ilRqfDjSYsE+KR7pVgCKCfP+ TU46cixM6kYy5Yc9CHLurCza5CoCBT7rhffSorj0XJT6c5f1E336AO3jFc/LrgkY x4aFpnTggpttktXXTgGWswvcJt+apGh0mgp8aFfeN78AlktnCpNaz8pjJJuyE93B vKo1SvnI0WhOccwOKPHZdlwjLrp4Qx1ecrBvaBHXbSDGiUmIRwH9xiq2Qfe+G3J5 rJKLgHvphe0RFSQrzl3njyRUZZTBB0/fFE1P1B+z/aFZVbEdXqQ7jcrU4X9qFqfu jcP6NndxJ8R7HzuO9SYyc70RNzqZuufZfTxwk3G+oB+7/6Sty30A6ktVvNq/7BnP 30Q5SGEnGrUsmA/V3cbSW4fAL4VA4MquB7/wUkMIIFSrdR/lYoRy/gY39R/bqhwl II3YhTXOTWPZV1MjMgwv+6iE8xSfGQK7b+qJaYnZhjQaK2k8/3v22d9nxV9rKGOe 1iYqHifWM51tmfrfAzZx =fNY4 -----END PGP SIGNATURE-----
--=-z6EIf0h8VwN35piCBLL0--
--===============0072592580853406008== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0072592580853406008==--
|
|
|
|