[El-errata] ELSA-2011-0181 Important: Oracle Linux 4

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jan 28 18:50:39 PST 2011


Oracle Linux Security Advisory ELSA-2011-0181

https://rhn.redhat.com/errata/RHSA-2011-0181.html

The following updated rpms for Oracle Linux 4 have been uploaded to the 
Unbreakable Linux Network:

i386:
openoffice.org-1.1.5-10.7.el4_8.10.i386.rpm
openoffice.org-i18n-1.1.5-10.7.el4_8.10.i386.rpm
openoffice.org-kde-1.1.5-10.7.el4_8.10.i386.rpm
openoffice.org-libs-1.1.5-10.7.el4_8.10.i386.rpm

x86_64:
openoffice.org-1.1.5-10.7.el4_8.10.i386.rpm
openoffice.org-i18n-1.1.5-10.7.el4_8.10.i386.rpm
openoffice.org-libs-1.1.5-10.7.el4_8.10.i386.rpm


SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/openoffice.org-1.1.5-10.7.el4_8.10.src.rpm


Description of changes:


[1.1.5-10.7.10]
- Resolves: rhbz#642175 openoffice.org various flaws
- CVE-2010-4643 heap based buffer overflow when parsing TGA files

[1.1.5-10.7.8]
- Resolves: rhbz#642175 openoffice.org various flaws
- CVE-2010-3450 directory traversal flaws in handling of XSLT jar filter
  descriptions and OXT extension files
- CVE-2010-3451 Array index error by insecure parsing of broken rtf
  tables
- CVE-2010-3452 Integer signedness error (crash) by processing certain
  RTF tags
- CVE-2010-3453 Heap-based buffer overflow by processing *.doc files
  with WW8 list styles with specially-crafted count of list levels
- CVE-2010-3454 Array index error by scanning document typography
  information of certain *.doc files




More information about the El-errata mailing list