ID CVE-2010-2936
Summary Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:openoffice:openoffice.org:3.2.1
    cpe:2.3:a:openoffice:openoffice.org:3.2.1
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
CVSS
Base: 9.3 (as of 26-08-2010 - 05:55)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-221.NASL
    description Multiple vulnerabilities was discovered and corrected in the OpenOffice.org : Integer overflow allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow (CVE-2009-2949). Heap-based buffer overflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression (CVE-2009-2950). Integer underflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document (CVE-2009-3301). boundary error flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document (CVE-2009-3302). Lack of properly enforcing Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document (CVE-2010-0136). User-assisted remote attackers are able to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed (CVE-2010-0395). Impress module does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an integer truncation error (CVE-2010-2935). Integer overflow in the Impress allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow (CVE-2010-2936). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 This update provides OpenOffice.org packages have been patched to correct these issues and additional dependent packages.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 50503
    published 2010-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50503
    title Mandriva Linux Security Advisory : openoffice.org (MDVSA-2010:221)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201408-19.NASL
    description The remote host is affected by the vulnerability described in GLSA-201408-19 (OpenOffice, LibreOffice: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in OpenOffice and Libreoffice. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted file using OpenOffice, possibly resulting in execution of arbitrary code with the privileges of the process, a Denial of Service condition, execution of arbitrary Python code, authentication bypass, or reading and writing of arbitrary files. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 77467
    published 2014-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77467
    title GLSA-201408-19 : OpenOffice, LibreOffice: Multiple vulnerabilities
  • NASL family Windows
    NASL id OPENOFFICE_33.NASL
    description The version of Oracle OpenOffice.org installed on the remote host is prior to 3.3. It is, therefore, affected by several issues : - Issues exist relating to PowerPoint document processing that may lead to arbitrary code execution. (CVE-2010-2935, CVE-2010-2936) - A directory traversal vulnerability exists in zip / jar package extraction. (CVE-2010-3450) - Issues exist relating to RTF document processing that may lead to arbitrary code execution. (CVE-2010-3451, CVE-2010-3452) - Issues exist relating to Word document processing that may lead to arbitrary code execution. (CVE-2010-3453, CVE-2010-3454) - Issues exist in the third-party XPDF library relating to PDF document processing that may allow arbitrary code execution. (CVE-2010-3702, CVE-2010-3704) - OpenOffice.org includes a version of LIBXML2 that is affected by multiple vulnerabilities. (CVE-2010-4008, CVE-2010-4494) - An issue exists with PNG file processing that may allow arbitrary code execution. (CVE-2010-4253) - An issue exists with TGA file processing that may allow arbitrary code execution. (CVE-2010-4643)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 51773
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51773
    title Oracle OpenOffice.org < 3.3 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBREOFFICE331-7365.NASL
    description Maintenance update to LibreOffice-3.3.1. It adds some interesting features, fixes many bugs, including several security vulnerabilities. LibreOffice is continuation of the OpenOffice.org project. This update replaces the OpenOffice.org installation, including helper packages, e.g. dictionaries, templates. The new stuff is backward compatible. List of LibreOffice-3.3 features : General - online help - common search toolbar - new easier 'Print' dialog - new easier 'Thesaurus' dialog - more options to modify letters case - added LibreOffice colors to the palette - import of alpha channel for RGBA TIFF (fdo#30472) Calc - sort dialog for DataPilot - increased document protection - insert drawing objects in charts - hierarchical axis labels for charts - automatic decimals digits for 'General' format - new tab page 'Compatibility' in the Options dialog - better performance and interoperability on Excel import - display custom names for DataPilot fields, items, and totals Writer - RTF export (GSoc) - new 'Title Page' dialog - 2-level document protection - better form controls handling - count the number of characters with and without spaces Impress/Draw - PPTX chart import feature - easier slide layout handling - presenter screen uses the laptop output by default - allow to add drawing documents to gallery via API (i#80184) Base - support explicit primary key - support of read-Only database registrations Math - new command 'nospace' Most important changes : - maintenance update (bnc#667421, MaintenanceTracker-38738) - fixed several security bugs: o PowerPoint document processing (CVE-2010-2935 / CVE-2010-2936) o extensions and filter package files (CVE-2010-3450) o RTF document processing (CVE-2010-3451 / CVE-2010-3452) o Word document processing (CVE-2010-3453 / CVE-2010-3454) o insecure LD_LIBRARY_PATH usage (CVE-2010-3689) o PDF Import extension resulting from 3rd party library XPD (CVE-2010-3702 / CVE-2010-3704) o PNG file processing (CVE-2010-4253) o TGA file processing. (CVE-2010-4643) - libreoffice-3.3.1.2 == 3.3.1-rc2 == final - fixed audio/video playback in presentation (deb#612940, bnc#651250) - fixed non-working input methods in KDE4. (bnc#665112) - fixed occasional blank first slide (fdo#34533) - fixed cairo canvas edge count calculation. (bnc#647959) - defuzzed piece-packimages.diff to apply - updated to libreoffice-3.3.1.2 (3.3.1-rc2): o l10n - updated some translations o libs-core - crashing oosplash and malformed picture. (bnc#652562) - Byref and declare Basic statement (fdo#33964, i#115716) - fixed BorderLine(2) conversion to SvxBorderLine (fdo#34226) o libs-gui - getEnglishSearchFontName() searches Takao fonts o sdk - fix ODK settings.mk to only set STLPORTLIB if needed o writer - rtfExport::HackIsWW8OrHigher(): return true (fdo#33478) - visual editor destroys formulas containing symbols (fdo#32759, fdo#32755) - enabled KDE4 support for SLED11; LO-3.3.1 fixed the remaining annoying bugs - fixed EMF+ import. (bnc#650049) - updated to libreoffice-3.3.1.1 (3.3.1-rc1): o artwork - new MIME type icons for LibreOffice o bootstrap - wrong line break with ( (fdo#31271) o build - default formula string (n#664516) - don't version the bundled ct2n extension - last update of translations from Pootle for 3.3.1 o calc - import of cell attributes from Excel documents - incorrect page number in page preview mode (fdo#33155) o components - remove pesky on-line registration menu entry (fdo#33112) - crash on changing position of drawing object in header (rhbz#673819) o extras - start using technical.dic instead of oracle.dic (fdo#31798) o filters - pictures DOCX import. (bnc#655763) - parse 'color' property (fdo#33551) - fix ole object import for writer (DOCX) (fdo#33237) o help - OOo -> LibO on Getting Support page (fdo#33249) o libs-core - handle css::table::BorderLine - add preferred Malayalam fonts (fdo#32953) - fix KDE3 library search order (fdo#32797) - StarDesktop.terminate macro behaviour (#30879) - Sun Microsystems -> TDF in desktop file (fdo#31191) - fixed several crashes around config UNO API (fdo#33994) - implementation names weren't matching with xcu (fdo#32872) - improve the check for existence of the localized help (fdo#33258) o libs-extern - upgrade libwpd to 0.9.1 o libs-gui - painting of axial gradients (116318) - fix wrong collation for Catalan language - crash when moving through database types (fdo#32561) - paint toolbar handle positioned properly (fdo#32558) - remove the menu when Left Alt Key was pressed; for GTK - default currency for Estonia should be Euro (fdo#33160) - year of era in long format for zh_TW by default (fdo#33459) o writer - use standard Edit button width of 50 (fdo#32633) - improve formfield checkbox binary export. (bnc#660816) - infinite loop while exporting some files in DOC/DOCX/RTF - CTL/Other Default Font (i#25247, i#25561, i#48064, i#92341) - libreoffice-build-3.3.0.4 == 3.3.0-rc4 == final - updated to libreoffice-3.3.0.4 (3.3-rc4): o common : - remove pesky on-line registration menu entry (fdo#33112) o artwork : - fix search toolbar up/down search button icons o base : - report builder not shows properties on report fields (fdo#32742) - report left/right page margin setting ignored on 64-bit (i#116187) o build : - updated translations o calc : - reverted problematic and dangerous: # performance of filters with many filtered ranges (i#116164) # obtain correct data range for external references (i#115906) o libs-core : - FMR crasher (fdo#33099) - backgrounds for polypolygons in metafile (i#116371) - unopkg crasher on SLED11-SP1 (bnc#655912) o libs-gui : - use sane scrollbar sizes when drawing - painting of axial gradients (i#116318) - do not mix unrelated X11 Visuals (fdo#33108) - avoid GetHelpText() call which can be quite heavy o writer : - fields fixes: key inputs, 0-length fields import. (bnc#657135) - replaced obsolete SuSEconfig gtk2 module call with %%icon_theme_cache_post(un) macros for openSUSE > 11.3. (bnc#663245) - updated to libreoffice-3.3.0.3 (3.3-rc3): o build : - use libreoffice and lo* wrappers; update man pages accordingly - navigation buttons' patch selection handling (fdo#32380, bnc#649506) o calc : - bogus check for numerical sheet names (fdo#32570) - performance of filters with many filtered ranges (i#116164) - obtain correct data range for external references (i#115906) - avoid double-paste when pasting text into cell comment (fdo#32572) o components : - fix nsplugin for LibreOffice name - fixing large OOXML files (i#115944) - layout breakage for KDE, X11 and (possibly) Mac (fdo#32133) o extensions : - patching xpdf to patchlevel 3.02pl5 o extras : - creating technical.dic based on src/*.dic o filters : - small TGAReader improvement (i#164349) - PageRange handling in writer PDF export (#116085) o impress : - missing font color (rhbz#663857) - use updated anchor for group shapes (i#115898) - presentation objects on master pages (i#115993) o libs-core : - survive missing window (rhbz#666216) - better font selection in Japanese locale. - do not block when launching Firefox (fdo#32427) - show the license information in a separate dialog (fdo#32563) - make unopkg --suppress-license skip license in all cases (fdo#32840) o libs-extern-sys : - better XPATH handling (i#164350) o libs-gui : - use the initial language if not specified (fdo#32523) - clean up search cache singleton in correct order (rhbz#666088) o writer : - undo/redo crash with postits (rhbz#660342) - rearrange title dialog to get translations (fdo#32633) - move to the next record during mail merge (fdo#32790) - updated to libreoffice-3.3.0.2 (3.3-rc2): o common : - copy & paste a text formatted cell (i#115825) - replaced http://www.openoffice.org (fdo#32169) o bootstrap : - check if KDE is >= 4.2 - cleanup unfortunate license duplication o calc : - ignore preceding spaces when parsing numbers - make the string 'New Record' localizable (fdo#32209) - remove trailing spaces too when parsing CSV simple numbers - display correct record information in Data Form dialog (fdo#32196) o components : - make the ODMA check box clickable again (fdo#32132) - fixed the sizes of Tips and Extended tips check boxes - make 'Reset help agent' button clickable again (fdo#32132) o extensions : - fix filled polygons on PDF import o filters : - performance for import of XLSX files with drawing objects (i#115940) o impress : - missing embedded object in ODP export (i#115898) - grey as default color for native tables in Impress - graphics on master page cannot be deleted (i#115993) o libs-core : - save with the proper DOC variant (fdo#32219) - removed dupe para ids introduced by copy&paste - colon needed for LD_LIBRARY_PATH set but empty - wikihelp: use the right Help ID URL (fdo#32338) - MySQL Cast(col1 as CHAR) yields error (i#115436) - import compatibility for enhanced fields names (fdo#32172) o libs-extern-sys : - XPATH handling fix o libs-gui : - PPTX import crasher. (bnc#654065) - copy&paste problem of metafiles (i#115825) - force Qt paint system to native (fdo#30991) - display problem with Vegur font (fdo#31243) - URIs must be exported as 7bit ASCII (i#115788) - regression in WMF text rendering (fdo#32236, i#115825) o postprocess : - only register EvolutionLocal when EVO support is enabled (fdo#32007) o writer : - after 'data to fields' mail merge does not work (fdo#31190) - missing outline feature in new RTF export filter (fdo#32039) - encoding of Greek letters names with accent in French (i#115956) o build bits : - better build identification in the about dialog - updated to libreoffice-3.3.0.1 (3.3-rc1): o ooo integration : - Merge commit 'ooo/OOO330_m17' into libreoffice-3-3 o common : - more RTF import/export fixes - updated branding for rc o artwork : - fixed icons with PNG optimizations - remove remaining ODF MIME type icons o bootstrap : - Add BrOffice artwork / branding support - Do not install HTML versions of LICENSE and README - install credits file o build : - empty toolbar. (bnc#654039) - pack PostgreSQL driver as .oxt instead of .zip o calc : - avoid pasting data from OOo Calc as an OLE object - scaling factor calculation for drawing layer (i#115313) - broken filter option in Datapilot (i#115431) - 'Precision as shown' not working if automatic decimal (i#115512) - disable document modify and broadcasting of changes on range names - don't update visible ranges for invisible panes - changing margins in print preview should mark the document modified - make VLOOKUP work with an external reference once again (fdo#31718) - more strict parsing of external range names - no automatic width adjustment of the dropdown popups (fdo#31710) - re-calculate visible range when switching sheets - skip hidden cells while expanding range selection o components : - overlapping controls - bad alloc and convert to ZipIOException (rh#656191) - divide by zero (rh#657628) o extras : - use consistent autocorrect file names o filters : - fix writerfilter XSL to handle more elements - missing call to importDocumentProperties. (bnc#655194) - rotated text DOCX import (fdo#30474) o impress : - avoid antialiasing for drag rect o libs-core : - Adapted README according to list feedback - register EvolutionLocal when evolution support is enabled (fdo#32007) - crash during toolpanel re-docking - crash in FR version when typing / as first character (i#115774) - only start the quick-starter on restart - don't crash when quickstarter is exited by user (rh#650170) - shutdown quickstarter at end of desktop session (rh#650170) - exit quickstarter if physically deleted (rh#610103) - autocorrect crasher (rh#647392) - start quickstarter on every launch if configured to use it - Switch toolbar icon size to 'auto-detect' o libs-extern : - Use the new stable libwp* releases as default o libs-extern-sys : - fixed urllib.urlopen in the internal python (fdo#31466) o libs-gui : - Allow the dropdown list of a combo box to be scrollable. (fdo#31710) - PDF export regression for simple RTL cases (i#115618) - freeze with ODP import (i#115761) - make toolbar icon size native-widget controlled - use BrOffice in pt_BR locale (fdo#31770) - release the clipboard after flush (i#163153) o l10n : - BrOffice in Brazil => %PRODUCTNAME_BR for win32 installer o sdk : - correct resolveLink function (i#115310) o writer : - crash when opening File/Print dialog fixed (i#115354) - better enhanced fields navigation - allow to localize the 'My AutoText' string (i#66304) - table alignment set to 'From Left' when moving the right. (bnc#636367) - font color selection didn't effect new text. (bnc#652204) - column break DOC import problem (bnc#652364) o build bits : - install branding for the welcome screen. (bnc#653519) - fixed URL, summary, and description for LibreOffice - bumped requires to libreoffice-branding-upstream > 3.2.99.3 - created l10n-prebuilt subpackage for prebuilt registry files. (bnc#651964) - disabled KDE3 stuff on openSUSE >= 11.2. (bnc#605472, bnc#621472) - added gcc-c++ and libxml2-devel into BuildRequires; were required by kdelibs3-devel before - updated to libreoffice-3.2.99.3 (3.3-beta3): o ooo integration : - Merge commit 'ooo/OOO330_m13' o common : - impress ruler behaviour - add Title Page dialog (i#7065) - save 1MB on wizards per language - images optimized for smaller size - do not insert a new cell beyond the end - handle multiple selection for printing (i#115266) - remove VBAForm property and associated geometry hack (fdo#30856) o base : - key columns in all tables (i#114026) - reports executed for data display (i#114627) o calc : - non-functional select - defined names in Calc functions (i#79854) - use Ctrl-Shift-D to launch selection list - regression for range array input, e.g. {=A1:A5} - crash on importing docs with database functions - crash on importing named ranges on higher sheets - remove the 'insert new sheet' tab in read-only mode - incorrect display of references from the formula input wizard - new tab page 'Compatibility' in the Options dialog (fdo#30559) o components : - default to evolution - crash in scanner dialog (rh#648475) o extras : - added LibreOffice and Tango palettes o filters : - crash on unsupported .tiffs (i#93300) - vertical text alignment and placeholder style (bnc#645116) o impress : - broken zoom behaviour - crash in OGL transitions - support for PPT newsflash slide transition o libs-core : - register EVO address book - more quickstarter fixes (i#108846) - missing media-type for ODF thumbnails - add credits hyperlink into about dialog - freeze when adding an extension (i#114933) - -quickstart option, and help fix (i#108846) - GNOME filepicker filter selection (i#112411) - use 'Enter Password' in all dialogs (fdo#31075) - add display properties to control shapes (i#112597) - disable user migration when SAL_DISABLE_USERMIGRATION is set o libs-gui : - disable KDE's crash handler - refresh of OLE object previews - adding font aliases (i#114706) - comparison of key events for IM - show Java error just once by default - underlining problem with Graphite fonts (i#114765) - saving tempfiles when locking is not supported. - better selection of localized font names (i#114703) - MetricFields SetUnit conversions (fdo#30899, bnc#610921) - make Presenter Screen default to the projector (i#112421) - Qt event loop integration (when Glib is used) for KDE4 vclplug o writer : - title pages (i#i66619) - more RTF import/export fixes - tables in page styles (i#114366) - round-trip of DOC unhandled fields - double-click behavior on enhanced fields - leaky pStream after RTF import (fdo#31362) - crash when choosing starmath from start screen - OLE Links round-trip fixed for links as pictures - setup XML namespaces also for footers and headers. (bnc#581954) - switched to the LibreOffice code base, http://www.documentfoundation.org/ - renamed packages from OpenOffice_org* to libreoffice* - updated to libreoffice-3.2.99.2 (3.3-beta2): o common : - show menus in icons fixup - show all appropriate formats by default on save as (i#113141) - RenderBadPicture on multihead setups and Cairo (i#94007, i#111758) o base : - use correct table name (i#114246) o calc : - better performance on Excel doc import o components : - bound image controls (i#112659) - Appearance config dialog crasher (i#108246) - Euro converter didn't work with ODS (i#100686) - ImageURL and Graphic properties handling (i#113991) o extensions : - some reportbuilder fixes (i#114111, i#112652) o extras : - fix malformed XML file (i#111741) - add Croatian autocorrection (i#96706) - updated Hungarian standard.bau (i#112387) - eensgezinswoning replaces eensgezinswoning - add 1/2, 3/4 and 1/4 symbols to af-ZA, de, en-ZA, mn and pl o filters : - adjust for table::BorderLine2 - table DOCX import crasher (rh#632236) - misc improvements for DOCX VML import - text position bug in DOC import. (bnc#532920) - implement import of alpha channel for RGBA .tiffs (fdo#30472) o impress : - improve randomisation in 'dissolve' transition o libs-core : - add in MonoSpace setting - print the formula itself by default - extension can contain compiled help (i#114008) - no update menu entry for bundled extensions (i#113524) - prevent online update for bundled extensions (i#113524) - make search/replace of colour names with translations safer (i#110142) o libs-gui : - maths brackets misformed in presentation mode (i#113400) - better font-name localization, i.e. en fallback (i#114703) - default to UTF-8 for HTML unless we know differently (i#76649) o writer : - color problem in RTF export (fdo#30604) - crash on export of TOC to .doc (i#112384) - prevent document modification while printing (i#112518) - dotted and dashed border types (fate#307731, fate#307730) - changes from libreoffice-3.2.99.1 (3.3-beta1): o features : - renamed to LibreOffice - based on ooo330-m7 - changed default branding - started to support the LibreOffice code base [all] - ordinal suffixes autocorrection improvements - updated Numbertext extension to version 0.9.3 - support new distros Raw, LibreOfficeLinux, LibreOfficeMacOSX, LibreOfficeWin32 o performance bits : - memory footprint during PPT import. (bnc#637925) - performance bug on row height adjustments (bnc#640112) o common bits : - don't set header in DDE tables (bnc#634517) o Calc bits : - cell content rendering [bnc#640128] o Excel's cell border thickness mapping. (bnc#636691) - relative and absolute references toggling (bnc#634260) o more on the Flat MSO XML file type detection (bnc#631993) o Writer bits : - SwXTextRange DOC import (i#112564) o table formulas DOC import (bnc#631912) o input field fixes (bnc#628098, bnc#623944) o OLE Links with image DOC import (bnc#628098) o nested SET/FILLIN fields DOC import (bnc#634478) o broken floating tables formatting in DOC import. (bnc#617593) - double-clicking on field gives 'read only' message (bnc#639288) o OOXML bits : - text paragraph autofit PPTX import o VBA bits : - implicit indexes handling - logical operator precedence - column para for Range.Cells (bnc#639297) o build bits : - update internal ICU to version 4.2.1 - fetch 185d60944ea767075d27247c3162b3bc-unowinreg.dll - updated to version 3.2.98.1 (3.3-alpha1): o features : - RTF export rewrite - writer navigation - remove obsolete Industrial icon theme o common bits : - gray read-only styles (i#85003) - Accelerators for OK/Cancel buttons in GTK (bnc#608572) o Calc bits : - cell borders not saved. (bnc#612263) - external reference rework. (bnc#628876) - Flat MSO XML file type detection. (bnc#631993) - disable custom tab colors in high contrast mode - display correct field in data pilot. (bnc#629920) - Watch Window extension doesn't show sheet name (bnc#604638) o Draw bits : - associate application/x-wpg with oodraw (bnc#589624) o Impress bits : - More on avmedia soundhandler (i#83753, bnc#515553) o Writer bits : - ww8 styles import (i#21939) - hairline table borders export - saving new document comparison data - Ruby in MS Word format (i#79246) o OOXML : - better internal hlinks XLSX export. (bnc#594248) - numbering roundtripping issues in DOCX. (bnc#569266) - untis translation from EMU in PPTX import. (bnc#621739) - group shapes geometry calculation in PPTX import. (bnc#621739) - many other import/export fixes and improvements o VBA bits : - changes in event handling - more container control fixes - more on invalid code name import for sheet (bnc#507768) o build bits : - update prebuilt cli dlls for OOo-3.3 - moving ooo-build patches to ooo git sources - use --without-junit on Win32 and openSUSE < 11.2 - used the prepatched OOo sources from ooo-build git - used mozilla-xulrunner192 for openSUSE > 11.3
    last seen 2019-02-21
    modified 2012-06-14
    plugin id 52738
    published 2011-03-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52738
    title SuSE 10 Security Update : Libreoffice (ZYPP Patch Number 7365)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0643.NASL
    description From Red Hat Security Advisory 2010:0643 : Updated openoffice.org packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2935) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org Impress processed polygons in input documents. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For Red Hat Enterprise Linux 3, this erratum provides updated openoffice.org packages. For Red Hat Enterprise Linux 4, this erratum provides updated openoffice.org and openoffice.org2 packages. All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68087
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68087
    title Oracle Linux 3 / 4 : openoffice.org (ELSA-2010-0643)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPENOFFICE_ORG-7148.NASL
    description Specially crafted ppt files could cause a heap-based buffer overflow in OpenOffice_org Impress. Attackers could exploit that to crash OpenOffice_org or potentially even execute arbitrary code. (CVE-2010-2935 / CVE-2010-2936) This update also fixes numerous non-security bugs. Please refer to the package changelog for details.
    last seen 2019-02-21
    modified 2012-06-14
    plugin id 51687
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51687
    title SuSE 10 Security Update : OpenOffice_org (ZYPP Patch Number 7148)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100823_OPENOFFICE_ORG_ON_SL4_X.NASL
    description An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2935) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org Impress processed polygons in input documents. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936)
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60841
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60841
    title Scientific Linux Security Update : openoffice.org on SL4.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0643.NASL
    description Updated openoffice.org packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2935) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org Impress processed polygons in input documents. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For Red Hat Enterprise Linux 3, this erratum provides updated openoffice.org packages. For Red Hat Enterprise Linux 4, this erratum provides updated openoffice.org and openoffice.org2 packages. All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 48742
    published 2010-08-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48742
    title CentOS 3 / 4 : openoffice.org (CESA-2010:0643)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100823_OPENOFFICE_ORG2_ON_SL4_X.NASL
    description An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2935) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org Impress processed polygons in input documents. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936) All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60839
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60839
    title Scientific Linux Security Update : openoffice.org2 on SL4.x i386/x86_64
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100823_OPENOFFICE_ORG_ON_SL3_X.NASL
    description An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2935) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org Impress processed polygons in input documents. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936) All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60840
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60840
    title Scientific Linux Security Update : openoffice.org on SL3.x i386/x86_64
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2099.NASL
    description Charlie Miller has discovered two vulnerabilities in OpenOffice.org Impress, which can be exploited by malicious people to compromise a user's system and execute arbitrary code. - An integer truncation error when parsing certain content can be exploited to cause a heap-based buffer overflow via a specially crafted file. - A short integer overflow error when parsing certain content can be exploited to cause a heap-based buffer overflow via a specially crafted file.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 48928
    published 2010-08-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48928
    title Debian DSA-2099-1 : openoffice.org - buffer overflows
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_OPENOFFICE_ORG-DRAW-100906.NASL
    description Specially crafted ppt files could cause a heap based buffer overflow in OpenOffice_org Impress. Attackers could exploit that to crash OpenOffice_org or potentially even execute arbitrary code (CVE-2010-2935, CVE-2010-2936).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 50018
    published 2010-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50018
    title openSUSE Security Update : OpenOffice_org-draw (openSUSE-SU-2010:0732-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_OPENOFFICE_ORG-DRAW-100906.NASL
    description Specially crafted ppt files could cause a heap based buffer overflow in OpenOffice_org Impress. Attackers could exploit that to crash OpenOffice_org or potentially even execute arbitrary code (CVE-2010-2935, CVE-2010-2936).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 50012
    published 2010-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50012
    title openSUSE Security Update : OpenOffice_org-draw (openSUSE-SU-2010:0732-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_OPENOFFICE_ORG-110330.NASL
    description Maintenance update to LibreOffice-3.3.1. It adds some interesting features, fixes many bugs, including several security vulnerabilities. The previous OpenOffice_org packages are also renamed to libreoffice. LibreOffice is continuation of the OpenOffice.org project. This update replaces the OpenOffice.org installation, including helper packages, e.g. dictionaries, templates. The new stuff is backward compatible. - fixed security bugs : - PowerPoint document processing (CVE-2010-2935, CVE-2010-2936) - extensions and filter package files (CVE-2010-3450) - RTF document processing (CVE-2010-3451, CVE-2010-3452) - Word document processing (CVE-2010-3453, CVE-2010-3454) - insecure LD_LIBRARY_PATH usage (CVE-2010-3689) - PDF Import extension resulting from 3rd party library XPD (CVE-2010-3702, CVE-2010-3704) - PNG file processing (CVE-2010-4253) - TGA file processing (CVE-2010-4643) - most important changes : - maintenance update (bnc#667421, MaintenanceTracker-38738) - enabled KDE3 support (bnc#678998) - libreoffice-3.3.1.2 == 3.3.1-rc2 == final - fixed audio/video playback in presentation (deb#612940, bnc#651250) - fixed non-working input methods in KDE4 (bnc#665112) - fixed occasional blank first slide (fdo#34533) - fixed cairo canvas edge count calculation (bnc#647959) - updated to libreoffice-3.3.1.2 (3.3.1-rc2) : - l10n - updated some translations - libs-core - crashing oosplash and malformed picture (bnc#652562) - Byref and declare Basic statement (fdo#33964, i#115716) - fixed BorderLine(2) conversion to SvxBorderLine (fdo#34226) - libs-gui - getEnglishSearchFontName() searches Takao fonts - sdk - fix ODK settings.mk to only set STLPORTLIB if needed - writer - rtfExport::HackIsWW8OrHigher(): return true (fdo#33478) - visual editor destroys formulas containing symbols (fdo#32759, fdo#32755) - enabled KDE4 support for SLED11; LO-3.3.1 fixed the remaining annoying bugs - fixed EMF+ import (bnc#650049) - updated to libreoffice-3.3.1.1 (3.3.1-rc1) : - artwork - new MIME type icons for LibreOffice - bootstrap - wrong line break with ( (fdo#31271) - build - default formula string (n#664516) - don't version the bundled ct2n extension - last update of translations from Pootle for 3.3.1 - calc - import of cell attributes from Excel documents - incorrect page number in page preview mode (fdo#33155) - components - remove pesky on-line registration menu entry (fdo#33112) - crash on changing position of drawing object in header (rhbz#673819) - extras - start using technical.dic instead of oracle.dic (fdo#31798) - filters - pictures DOCX import (bnc#655763) - parse 'color' property (fdo#33551) - fix ole object import for writer (DOCX) (fdo#33237) - help - OOo -> LibO on Getting Support page (fdo#33249) - libs-core - handle css::table::BorderLine - add preferred Malayalam fonts (fdo#32953) - fix KDE3 library search order (fdo#32797) - StarDesktop.terminate macro behaviour (#30879) - Sun Microsystems -> TDF in desktop file (fdo#31191) - fixed several crashes around config UNO API (fdo#33994) - implementation names weren't matching with xcu (fdo#32872) - improve the check for existence of the localized help (fdo#33258) - libs-extern - upgrade libwpd to 0.9.1 - libs-gui - painting of axial gradients (116318) - fix wrong collation for Catalan language - crash when moving through database types (fdo#32561) - paint toolbar handle positioned properly (fdo#32558) - remove the menu when Left Alt Key was pressed; for GTK - default currency for Estonia should be Euro (fdo#33160) - year of era in long format for zh_TW by default (fdo#33459) - writer - use standard Edit button width of 50 (fdo#32633) - improve formfield checkbox binary export (bnc#660816) - infinite loop while exporting some files in DOC/DOCX/RTF - CTL/Other Default Font (i#25247, i#25561, i#48064, i#92341) - libreoffice-build-3.3.0.4 == 3.3.0-rc4 == final - updated to libreoffice-3.3.0.4 (3.3-rc4) : - common : - remove pesky on-line registration menu entry (fdo#33112) - artwork : - fix search toolbar up/down search button icons - base : - report builder not shows properties on report fields (fdo#32742) - report left/right page margin setting ignored on 64-bit (i#116187) - build : - updated translations - calc : - reverted problematic and dangerous : - performance of filters with many filtered ranges (i#116164) - obtain correct data range for external references (i#115906) - libs-core : - FMR crasher (fdo#33099) - backgrounds for polypolygons in metafile (i#116371) - unopkg crasher on SLED11-SP1 (bnc#655912) - libs-gui : - use sane scrollbar sizes when drawing - painting of axial gradients (i#116318) - do not mix unrelated X11 Visuals (fdo#33108) - avoid GetHelpText() call which can be quite heavy - writer : - fields fixes: key inputs, 0-length fields import (bnc#657135) - replaced obsolete SuSEconfig gtk2 module call with %%icon_theme_cache_post(un) macros for openSUSE > 11.3 (bnc#663245) - updated to libreoffice-3.3.0.3 (3.3-rc3) : - build : - use libreoffice and lo* wrappers; update man pages accordingly - navigation buttons' patch selection handling (fdo#32380, bnc#649506) - calc : - bogus check for numerical sheet names (fdo#32570) - performance of filters with many filtered ranges (i#116164) - obtain correct data range for external references (i#115906) - avoid double-paste when pasting text into cell comment (fdo#32572) - components : - fix nsplugin for LibreOffice name - fixing large OOXML files (i#115944) - layout breakage for KDE, X11 and (possibly) Mac (fdo#32133) - extensions : - patching xpdf to patchlevel 3.02pl5 - extras : - creating technical.dic based on src/*.dic - filters : - small TGAReader improvement (i#164349) - PageRange handling in writer PDF export (#116085) - impress : - missing font color (rhbz#663857) - use updated anchor for group shapes (i#115898) - presentation objects on master pages (i#115993) - libs-core : - survive missing window (rhbz#666216) - better font selection in Japanese locale. - do not block when launching Firefox (fdo#32427) - show the license information in a separate dialog (fdo#32563) - make unopkg --suppress-license skip license in all cases (fdo#32840) - libs-extern-sys : - better XPATH handling (i#164350) - libs-gui : - use the initial language if not specified (fdo#32523) - clean up search cache singleton in correct order (rhbz#666088) - writer : - undo/redo crash with postits (rhbz#660342) - rearrange title dialog to get translations (fdo#32633) - move to the next record during mail merge (fdo#32790) - updated to libreoffice-3.3.0.2 (3.3-rc2) : - common : - copy & paste a text formatted cell (i#115825) - replaced http://www.openoffice.org (fdo#32169) - bootstrap : - check if KDE is >= 4.2 - cleanup unfortunate license duplication - calc : - ignore preceding spaces when parsing numbers - make the string 'New Record' localizable (fdo#32209) - remove trailing spaces too when parsing CSV simple numbers - display correct record information in Data Form dialog (fdo#32196) - components : - make the ODMA check box clickable again (fdo#32132) - fixed the sizes of Tips and Extended tips check boxes - make 'Reset help agent' button clickable again (fdo#32132) - extensions : - fix filled polygons on PDF import - filters : - performance for import of XLSX files with drawing objects (i#115940) - impress : - missing embedded object in ODP export (i#115898) - grey as default color for native tables in Impress - graphics on master page cannot be deleted (i#115993) - libs-core : - save with the proper DOC variant (fdo#32219) - removed dupe para ids introduced by copy&paste - colon needed for LD_LIBRARY_PATH set but empty - wikihelp: use the right Help ID URL (fdo#32338) - MySQL Cast(col1 as CHAR) yields error (i#115436) - import compatibility for enhanced fields names (fdo#32172) - libs-extern-sys : - XPATH handling fix - libs-gui : - PPTX import crasher (bnc#654065) - copy&paste problem of metafiles (i#115825) - force Qt paint system to native (fdo#30991) - display problem with Vegur font (fdo#31243) - URIs must be exported as 7bit ASCII (i#115788) - regression in WMF text rendering (fdo#32236, i#115825) - postprocess : - only register EvolutionLocal when EVO support is enabled (fdo#32007) - writer : - after 'data to fields' mail merge does not work (fdo#31190) - missing outline feature in new RTF export filter (fdo#32039) - encoding of Greek letters names with accent in French (i#115956) - build bits : - better build identification in the about dialog - updated to libreoffice-3.3.0.1 (3.3-rc1) : - ooo integration : - Merge commit 'ooo/OOO330_m17' into libreoffice-3-3 - common : - more RTF import/export fixes - updated branding for rc - artwork : - fixed icons with PNG optimizations - remove remaining ODF MIME type icons - bootstrap : - Add BrOffice artwork / branding support - Do not install HTML versions of LICENSE and README - install credits file - build : - empty toolbar (bnc#654039) - pack PostgreSQL driver as .oxt instead of .zip - calc : - avoid pasting data from OOo Calc as an OLE object - scaling factor calculation for drawing layer (i#115313) - broken filter option in Datapilot (i#115431) - 'Precision as shown' not working if automatic decimal (i#115512) - disable document modify and broadcasting of changes on range names - don't update visible ranges for invisible panes - changing margins in print preview should mark the document modified - make VLOOKUP work with an external reference once again (fdo#31718) - more strict parsing of external range names - no automatic width adjustment of the dropdown popups (fdo#31710) - re-calculate visible range when switching sheets - skip hidden cells while expanding range selection - components : - overlapping controls - bad alloc and convert to ZipIOException (rh#656191) - divide by zero (rh#657628) - extras : - use consistent autocorrect file names - filters : - fix writerfilter XSL to handle more elements - missing call to importDocumentProperties (bnc#655194) - rotated text DOCX import (fdo#30474) - impress : - avoid antialiasing for drag rect - libs-core : - Adapted README according to list feedback - register EvolutionLocal when evolution support is enabled (fdo#32007) - crash during toolpanel re-docking - crash in FR version when typing / as first character (i#115774) - only start the quick-starter on restart - don't crash when quickstarter is exited by user (rh#650170) - shutdown quickstarter at end of desktop session (rh#650170) - exit quickstarter if physically deleted (rh#610103) - autocorrect crasher (rh#647392) - start quickstarter on every launch if configured to use it - Switch toolbar icon size to 'auto-detect' - libs-extern : - Use the new stable libwp* releases as default - libs-extern-sys : - fixed urllib.urlopen in the internal python (fdo#31466) - libs-gui : - Allow the dropdown list of a combo box to be scrollable. (fdo#31710) - PDF export regression for simple RTL cases (i#115618) - freeze with ODP import (i#115761) - make toolbar icon size native-widget controlled - use BrOffice in pt_BR locale (fdo#31770) - release the clipboard after flush (i#163153) - l10n : - BrOffice in Brazil => %PRODUCTNAME_BR for win32 installer - sdk : - correct resolveLink function (i#115310) - writer : - crash when opening File/Print dialog fixed (i#115354) - better enhanced fields navigation - allow to localize the 'My AutoText' string (i#66304) - table alignment set to 'From Left' when moving the right (bnc#636367) - font color selection didn't effect new text (bnc#652204) - column break DOC import problem (bnc#652364) - build bits : - install branding for the welcome screen (bnc#653519) - fixed URL, summary, and description for LibreOffice - bumped requires to libreoffice-branding-upstream > 3.2.99.3 - created l10n-prebuilt subpackage for prebuilt registry files (bnc#651964) - disabled KDE3 stuff on openSUSE >= 11.2 (bnc#605472, bnc#621472) - added gcc-c++ and libxml2-devel into BuildRequires; were required by kdelibs3-devel before - updated to libreoffice-3.2.99.3 (3.3-beta3) : - ooo integration : - Merge commit 'ooo/OOO330_m13' - common : - impress ruler behaviour - add Title Page dialog (i#7065) - save 1MB on wizards per language - images optimized for smaller size - do not insert a new cell beyond the end - handle multiple selection for printing (i#115266) - remove VBAForm property and associated geometry hack (fdo#30856) - base : - key columns in all tables (i#114026) - reports executed for data display (i#114627) - calc : - non-functional select - defined names in Calc functions (i#79854) - use Ctrl-Shift-D to launch selection list - regression for range array input, e.g. {=A1:A5} - crash on importing docs with database functions - crash on importing named ranges on higher sheets - remove the 'insert new sheet' tab in read-only mode - incorrect display of references from the formula input wizard - new tab page 'Compatibility' in the Options dialog (fdo#30559) - components : - default to evolution - crash in scanner dialog (rh#648475) - extras : - added LibreOffice and Tango palettes - filters : - crash on unsupported .tiffs (i#93300) - vertical text alignment and placeholder style (bnc#645116) - impress : - broken zoom behaviour - crash in OGL transitions - support for PPT newsflash slide transition - libs-core : - register EVO address book - more quickstarter fixes (i#108846) - missing media-type for ODF thumbnails - add credits hyperlink into about dialog - freeze when adding an extension (i#114933) - -quickstart option, and help fix (i#108846) - GNOME filepicker filter selection (i#112411) - use 'Enter Password' in all dialogs (fdo#31075) - add display properties to control shapes (i#112597) - disable user migration when SAL_DISABLE_USERMIGRATION is set - libs-gui : - disable KDE's crash handler - refresh of OLE object previews - adding font aliases (i#114706) - comparison of key events for IM - show Java error just once by default - underlining problem with Graphite fonts (i#114765) - saving tempfiles when locking is not supported. - better selection of localized font names (i#114703) - MetricFields SetUnit conversions (fdo#30899, bnc#610921) - make Presenter Screen default to the projector (i#112421) - Qt event loop integration (when Glib is used) for KDE4 vclplug - writer : - title pages (i#i66619) - more RTF import/export fixes - tables in page styles (i#114366) - round-trip of DOC unhandled fields - double-click behavior on enhanced fields - leaky pStream after RTF import (fdo#31362) - crash when choosing starmath from start screen - OLE Links round-trip fixed for links as pictures - setup XML namespaces also for footers and headers (bnc#581954) - switched to the LibreOffice code base, http://www.documentfoundation.org/ - renamed packages from OpenOffice_org* to libreoffice* - updated to libreoffice-3.2.99.2 (3.3-beta2) : - common : - show menus in icons fixup - show all appropriate formats by default on save as (i#113141) - RenderBadPicture on multihead setups and Cairo (i#94007, i#111758) - base : - use correct table name (i#114246) - calc : - better performance on Excel doc import - components : - bound image controls (i#112659) - Appearance config dialog crasher (i#108246) - Euro converter didn't work with ODS (i#100686) - ImageURL and Graphic properties handling (i#113991) - extensions : - some reportbuilder fixes (i#114111, i#112652) - extras : - fix malformed XML file (i#111741) - add Croatian autocorrection (i#96706) - updated Hungarian standard.bau (i#112387) - eensgezinswoning replaces eensgezinswoning - add 1/2, 3/4 and 1/4 symbols to af-ZA, de, en-ZA, mn and pl - filters : - adjust for table::BorderLine2 - table DOCX import crasher (rh#632236) - misc improvements for DOCX VML import - text position bug in DOC import (bnc#532920) - implement import of alpha channel for RGBA .tiffs (fdo#30472) - impress : - improve randomisation in 'dissolve' transition - libs-core : - add in MonoSpace setting - print the formula itself by default - extension can contain compiled help (i#114008) - no update menu entry for bundled extensions (i#113524) - prevent online update for bundled extensions (i#113524) - make search/replace of colour names with translations safer (i#110142) - libs-gui : - maths brackets misformed in presentation mode (i#113400) - better font-name localization, i.e. en fallback (i#114703) - default to UTF-8 for HTML unless we know differently (i#76649) - writer : - color problem in RTF export (fdo#30604) - crash on export of TOC to .doc (i#112384) - prevent document modification while printing (i#112518) - dotted and dashed border types (fate#307731, fate#307730) - changes from libreoffice-3.2.99.1 (3.3-beta1) : - features : - renamed to LibreOffice - based on ooo330-m7 - changed default branding - started to support the LibreOffice code base [all] - ordinal suffixes autocorrection improvements - updated Numbertext extension to version 0.9.3 - support new distros Raw, LibreOfficeLinux, LibreOfficeMacOSX, LibreOfficeWin32 - performance bits : - memory footprint during PPT import (bnc#637925) - performance bug on row height adjustments (bnc#640112) - common bits : - don't set header in DDE tables (bnc#634517) - Calc bits : - cell content rendering [bnc#640128] - Excel's cell border thickness mapping (bnc#636691) - relative and absolute references toggling (bnc#634260) - more on the Flat MSO XML file type detection (bnc#631993) - Writer bits : - SwXTextRange DOC import (i#112564) - table formulas DOC import (bnc#631912) - input field fixes (bnc#628098, bnc#623944) - OLE Links with image DOC import (bnc#628098) - nested SET/FILLIN fields DOC import (bnc#634478) - broken floating tables formatting in DOC import (bnc#617593) - double-clicking on field gives 'read only' message (bnc#639288) - OOXML bits : - text paragraph autofit PPTX import - VBA bits : - implicit indexes handling - logical operator precedence - column para for Range.Cells (bnc#639297) - build bits : - update internal ICU to version 4.2.1 - fetch 185d60944ea767075d27247c3162b3bc-unowinreg.dll - updated to version 3.2.98.1 (3.3-alpha1) : - features : - RTF export rewrite - writer navigation - remove obsolete Industrial icon theme - common bits : - gray read-only styles (i#85003) - Accelerators for OK/Cancel buttons in GTK (bnc#608572) - Calc bits : - cell borders not saved (bnc#612263) - external reference rework (bnc#628876) - Flat MSO XML file type detection (bnc#631993) - disable custom tab colors in high contrast mode - display correct field in data pilot (bnc#629920) - Watch Window extension doesn't show sheet name (bnc#604638) - Draw bits : - associate application/x-wpg with oodraw (bnc#589624) - Impress bits : - More on avmedia soundhandler (i#83753, bnc#515553) - Writer bits : - ww8 styles import (i#21939) - hairline table borders export - saving new document comparison data - Ruby in MS Word format (i#79246) - OOXML : - better internal hlinks XLSX export (bnc#594248) - numbering roundtripping issues in DOCX (bnc#569266) - untis translation from EMU in PPTX import (bnc#621739) - group shapes geometry calculation in PPTX import (bnc#621739) - many other import/export fixes and improvements - VBA bits : - changes in event handling - more container control fixes - more on invalid code name import for sheet (bnc#507768) - build bits : - update prebuilt cli dlls for OOo-3.3 - moving ooo-build patches to ooo git sources - use --without-junit on Win32 and openSUSE < 11.2 - used the prepatched OOo sources from ooo-build git - used mozilla-xulrunner192 for openSUSE > 11.3 MaintenanceTracker-35044, CVE-2010-2935, CVE-2010-2936) : - Calc bits : - custom field names handling in Data Pilot (bnc#634974) - remember 'sort by' selection in Data Pilot (bnc#634974) - more on the Flat MSO XML file type detection (bnc#631993) - Impress bits : - cairocanvas border treatment (bnc#629546, rh#557317) MaintenanceTracker-35044, CVE-2010-2935, CVE-2010-2936) : - security fixes : - two impress vulnerabilities (CVE-2010-2935, CVE-2010-2936, bnc#629085) - common bits : - honour ure-link in SDK configure.pl - macro recording crasher (i#113084) [upstream, Rene] - Calc bits : - DataPilot sort by ID (bnc#622920) - Flat MSO XML file type detection (bnc#527738) - DDE linkage upon loading documents (bnc#618846, bnc#618864) - file name as sheet name in Excel 2.1 docs import (bnc#612902) - Draw bits : - random extra arrows around the custom shape (i#105654) - Impress bits : - slideshow clipping (i#112422) - cairocanvas border treatment (bnc#629546, rh#557317) - Writer bits : - input field fixes (bnc#628098, bnc#623944) - non-breaking space erasing freeze (i#i113461) [upstream, Rene] - broken floating tables formatting in DOC import (bnc#617593) - Netbooks bits : - decorate help window (bnc#621116) - more restrictive top level document window check (bnc#607735) - reduce height of PDF export and recovery dialogs (bnc#623352) - Win32 bits : - allow view 'details' in File Open dialog on XP (bnc#620924) - l10n bits : - non-localized Tools/Options/OOo Writer/Comparison (bnc#615000) - speed up : - faster ODS export with lots of hidden rows (deb#582785) - common bits : - allow to start OOo on cifs (i#108106) - non-working Euro Converter wizard (i#100686) - show the control geometric property correctly (bnc#610921) - remove one color from the OOo palette to get 100 colors - Calc bits : - broken cell borders export (bnc#612263) - incorrect automatic print area assignment - Draw bits : - mark invisible layers upon document load properly (bnc#606434) - Writer bits : - 'New table' toolbar behavior (bnc#612013) - l10n : - Hungarian translation fixes - update translations from the openSUSE community - KDE4 bits : - non-Oxygen theme crashes (bnc#612491, i#112102) - ooo-build-3.2.1.3 == 3.2.1-rc3 == final - common bits : - show the really used default icon theme in options (bnc#603169) - disable gcj in supported JRE's - Calc bits : - pasting time data into two cells crasher (bnc#606975) - Draw bits : - associate application/x-wpg with oodraw (bnc#589624) - Impress bits : - embedded media break on 2nd load - pressing 'Apply' in the Media Player crasher (bnc#597691) - Writer bits : - document comparsion saving improvements - bullets RTF import/export bugs (bnc#569266) - l10n bugs : - localize the layouted zoom dialog (bnc#595823) - KDE4 bits : - redraw the status bar when needed (bnc#567886, i#107945) - build bits : - sort filelists to get repeatable results - performance bits : - note's position calculation - faster string cell XLSX import (bnc#594513) - GUI improvements : - better about dialog (i#111425) - better 'New Table' toolbar widget - new toolbars crashers (bnc#601634) - better behavior of new toolbars (bnc#603588) - less intrusive approach to the nicer toolbar decorations - menu bar appearance with some GTK+ themes (i#103999, bnc#527356) - frame around Font color and Highlighting toolbars (bnc#598534) - common bits : - better CJK defaults (i#54320) - metric field limits and units - KDE4 border frame width (i#111464) - allow to start with fresh user configuration again (bnc#599590) - Calc bits : - another R1C1 parser error (bnc#604903) - default precision to 2 in DBF export (i#111074) - disable text wrap when the cell value is numeric - default display format for general number format (i#111533) - empty cells when fetching ext. range (bnc#600667, i#110595) - Impress bits : - more on autoplay PPS/PPSX files (bnc#485645) - bogus file links in exported presentation PDF (bnc#598816) - Writer bits : - non-editable documents with forms (bnc#60135) - invisible graphical bullets in ODT export (i#101131) - OOXML export/import : - Ruby DOCS export - document grid DOCX export - sub/superscripts DOCX export - auto-refresh style DOC(X) export - wrong default style name in DOCX export - shape reference PPTX import crasher (bnc#593611) - master style placeholders in PPTX import (bnc#592906) - char spacing, character style association in DOCX export - VBA bits : - make sure error data isn't cleared on raise - l10n bits : - update from the openSUSE community - fixes for renamed languages (xx-IN -> xx) - build bits : - put mdds into new top level module - parallel build of ct2n extension (bnc#595550) - unopkg-regenerate-cache improvements (bnc#597573) - set correctly the upstream build version (bnc#582120) - symlink uno.py and unohelper.py into the system python path - link against the versioned libmysqlcppconn - added initial support for build on MeeGo distro - common bits : - 64-bit nsplugin fix (i#110747) - assertion during HTML import (i#110806) - missing image in localized helps (i#99165) - non-existent topic auxiliary/shared.tree (i#110963) - scroll combo box content by default (bnc#591650, i#110227) - better support for globally enabled nsplugin (i#49590) - reset security preferences in unoxml; allows to use the system redland (i#110523) - Calc bits : - data validation XLS import (bnc#594235) - data pilot deletion crasher (bnc#595617) - better rendering in Asian vertical mode (bnc#595625) - merged icon state after shift left click (bnc#595822) - database functions regression (bnc#594332, bnc#595713) - conditional formatting XLS import regression (bnc#594266) - refreshing problem with vertical stack format (bnc#597658) - deleting rows inside a merged cell (bnc#596414, lp#558968) - do not export negative decimal places value in ODS (i#110634) - UI issues in R1C1 formula syntax mode (bnc#595078, bnc#595080) - Impress bits : - various Calc crashers with gcc-4.5 (bnc#588957, deb#576665) - Writer bits : - text input fields crasher - tabs not displayed in shapes (bnc#564454) - more on caption separator with empty caption text (i#110287) - VBA bits : - ErrObj behaviour - wizard truncation problems (bnc#591768) - passing wrong separator for range list (bnc#597351) - Err symbol resolution in VBA/non-VBA mode (bnc#597884) - OOXML : - DOCX font import crasher - add fly frames DOCS export (bnc#581604) - regression in paragraph PPTX import (bnc#479829) - l10n bits : - Hungarian translation update - update strings from openSUSE community - do not do extra hacks for en-US-only build - truncated translations in Diagram wizard (i#110702) - footnote anchor Norwegian Bokmal translation (i#109545) - Spanish 'boolean value' translation fix (deb#576842, i#110674) - build bits : - parallel build of ct2n extension (bnc#595550) - update prebuilt ooo-cli-prebuilt to version 3.2.1 - npwrap.cxx build without GTK (i#110833, gentoo#306181) - use --enable-hids (bnc#102592) - started to Require OpenOffice_org-branding >= 3.2.0.99.3 - features : - automatic scrollbars for writer (fate#588554) - dashed and dotted border types in Writer (fate#307731) - experimental VBA import from XLSM documents (fate#309162) - performance : - large Excel documents import speed up (bnc#582693) - page break preview mode speed up (bnc#504618, i#109935) - page number calculation speed up (bnc#504618, i#109935) - common bits : - badly inserted space by autocorrection - embedding video in Writer/Calc crasher - fix for UTF-8 encoded hyphen dictionaries - use .uno:NewDoc instead of deprecated slot:5500 - use Linux-specific template paths only on Linux - Base bits : - wizard crashers (bnc#587797) - Calc bits : - better insert new sheet icon - insert new sheet tab crasher (bnc#590187) - XLS import with drawing objects (bnc#588927) - machine area slot size and row limit (bnc#588554) - various Calc crashers with gcc-4.5 (bnc#588957) - matrix results did not work with auto complete (bnc#503918) - XLS export of heights of rows with wrapped text (bnc#580094) - Impress bits : - media link reference PPT import crasher (bnc#590442) - Writer bits : - DOC import crasher with Tcg records (bnc#590359) - DOC import loop with Tbc & TbcHeader records (bnc#589794) - omit caption separator if caption text is empty (i#110287) - l10n bits : - src/sdf directory clean up - Hungarian UI name order (i#105342) - more localizable strings for scp2 module - localize framework improvements - automated translations of language dependent components - enable CaptionOrderNumberingFirst by default for Hungarian - added WatchWindow Calc extension (fate#309182) - features : - Numbertext extension (fate#308028) - ConvertTextToNumber extension (fate#307906) - support embedded media also for PPT (fate#304532) - update PostgreSQL driver to 0.7.6a; it adds postgresql.xcu to actually offer this driver in the UI - speed up : - more on faster ODS import (n#582693) - more on the Calc's external reference manager refactoring (i#103739,i#108064,i#108404,i#109101,i#109168,i#109170) - common bits : - toolbar popups crasher - update recently used list when the document is saved - process UTF-8 encoded hyphen dictionaries (i#109543) - align style usage with style generation in SVG import - auto caps lock toggling without XTest API (bnc#394949) - Base bits : - more on the MySQL Connector - Calc bits : - search option for filtered cells (bnc#580408) - opcode list for the initial 'last used' functions - break links in formulas with external refs (bnc#585094) - allow PDF export on filtered range selection (bnc#585028) - populate string list in standard filter dialog (bnc#584975) - convert locale-specific date strings to values (bnc#584693) - TAB and autocompletion behavior clean up (n#584953, i#18748) - Impress bits : - fast boxclipper, use for WMF import (i#72418, bnc#535304) - Writer bits : - preserve character style on 'reset format' - show 'Remove Hyperlink' even with selection - OOXML bits : - better connector shape XLSX import (bnc#559393) - VBA bits : - broken OOo Writer API (bnc#585410) - GTK+ bits : - better process glib events on exit - i18n bits : - updated Hungarian localization - do the Hungarian fixes in the right localize.sdf - build bits : - build with gcc-4.5 (i#109853) - apply patches with --fuzz=0 - better handle the parallel build - used the new solution to control parallel build - called make more times to survive random parallel build problem - features : - toolbar popups refactoring - media embedding (i#83753) [upstream, Thorsten] - support for dotted and dashed borders - writer document comparing - 'insert new sheet' tab in Calc (fate#308396) - distributed text alignment support (fate#308334) - insert current date/time via Ctrl-/Shift-Ctrl- (fate#307762) - English function names instead of localized ones (fate#308029) - performance : - faster external reference handling (i#109168) - Common bits : - beginning of small screen mode - crash in headless mode (i#108681) - colorspace calculation fix - textpropreader limit in svdfppt.cxx - lots autocorrection stuff improvements - Add starmath to docs, for EDU project - extensions with nonstandard merge points crasher - valgrind test and other corner cases fixes - Calc bits : - Keep track of cells containing SUBTOTAL (bnc#578802) - incorrect cell positioning during row insertion (bnc#578588) - Impress bits : - sounds spanning multiple slides in PPT import (bnc#515553) - OOXML bits : - chart export - autofit on in OOXML import - better connector shape XLSX import (bnc#549331) - VBA bits : - moduleinfo fixes - lots container control fixes - fire MultiPage_Change event when needed - remove extra GROUPNAME prop from VCLXImageControl - support copy of worksheet to 'other' document via API - build bits : - don't statically link against mono in climaker - Calc bits : - modified date reset to '0' (bnc#581634) *l10n : - duplicate formula names in Spanish localization (i#109407) - removed broken Danish extra localizations sources; fixed function names in Calc (bnc#549027) - Common bits : - prefer OOo over okular and k* - exception handling in SVG import - Impress bits : - mis-detection of cloned displays (bnc#578730, bnc#551391) - OOXML bits : - image wrapping in DOCX import - numbering in DOCX import (bnc#580106) - l10n : - updated Hungarian translation - new strings from SLED11-SP1 translators - applying extra SDF files (i#109378) - really localize the layout dialogs (deb#570378) - localize Vendor in the Windows installer (bnc#571489) - ooo-build-3.2.0.5 == 3.2-rc5 == final - Common bits : - vcl's grey palette init - x86_64 bridge fixes (i#98028, bnc#575704) - not-properly initialized paradepth in svdfppt.cxx - decode URI escapes in subject when sending E-mail (bnc#575653) - various GNOME quickstarter fixes (i#108918, bnc#575555) - decode URI escapes in subject when sending E-mail (bnc#575653) - Base bits : - ReportBuilder crasher (i#108914, bnc#575698) - Calc bits : - better formula variable separator config check (bnc#556142) - Impress bits : - avoid looping in draw/impress - BadMatch crasher during slideshow (i#107763) - l10n bits : - Spanish accelerators fix (i#102645) - build bits : - look for moc in QT4DIR first - Common bits : - valgrind warnings - increase the default java stack size to 1MB (bnc#572372) - Calc bits : - CSV dialog parameters storing (i#108645) - hidden rows heights XLS export (bnc#573938) - pagenation when printing selected cells (bnc#569328) - drilling down on field member crasher (i#103347, bnc#573456) - Write bits : - bullets RTF export (bnc#569266) - create style via API (i#108426) - VBA bits : - library location so VBA services work for Windows - l10n bits : - Spanish translations fix - build bits : - presenter screen extension build - localize framework improvements - performance : - faster XLSX export (bnc#558577) - Common bits : - fixes from valgrind test - SVG import crasher (bnc#560255) - AFM parser crasher (bnc#535485) - Base bits : - Table wizard does not start (i#107917) [upstream, Rene] - Calc bits : - correctly query last flagged row (bnc#568146) - error when saving ODS document as XLSX (bnc#566581) - dis-joint ranges highlighting while in chart mode (bnc#568016) - Writer bits : - fields DOC import crasher (bnc#569348) - KDE4 bits : - override existing files - multiple auto-extension checkboxes - 3rd party plugin should not cause crash (bnc#548354) - VBA bits : - 'exe' checkbox under Load/Save|VBA Properties options - build bits : - update the prebuilt gdocs version to 2.1.0 (bnc#568399) - performance : - DBF import performance by 75% (bnc#558505) - string intern optimization for PC 850 code pages - do not load any VBA crap from non MSO documents - do not always load presenter screen (i#107568) - Common bits : - layout dialogs crashers - few WMF/EMF+ import fixes [upstream, Radek] - file read from sftp-folder (bnc#465102) - pasting from Firefox crashers (bnc#553819) - unnecessary exceptions in sfx2 (i#107512) - better wording of the always save option check box - saving when locking is not supported (bnc#560877, i#107511) - Calc bits : - Lotus import crasher (bnc#565184) - connector styles XLS import (bnc#559393) - minor bugs in datapilot ODS import/export - line count of move-copy sheet dialog (bnc#559438) - random ListBox::CalcMinimumSize() results (bnc#557230) - support XLSX export for more that 65536 rows (bnc#504623) - conflict between formula and decimal separators (bnc#556142) - number of the sheet in the 'Insert Sheet' dialog (bnc#559445) - Writer bits : - image position in DOC import - update table format when pasting a value (bnc#564789) - VBA bits : - macro properties fixup (bnc#566030) - listindex, radiobutton, listbox events (bnc#560355, bnc#561639) - features : - support ooo320-m6 - support iceape/icedove/iceweasel in open-url - add option for the save icon behavior (bnc#556125) - speed up : - filtering performance in presence of cell notes (bnc#556927) - Common bits : - French autocorrection improvements - fullscreen WM hints (bnc#551402) - work with odf-converter again (bnc#557368) - un-set Cairo font options crasher (i#59127) - find the moved help when registering extension (i#107283) [ab, Petr] - Calc bits : - filter removing crasher (bnc#558564) - percent format getting unlimited precision (bnc#555889) - return correct flag value from R1C1 parser (bnc#557475) - incorrect range separator for disjoint ranges (bnc#556268) - TAB key to auto-complete word and move cell cursor (i#18748) - incorrect XLS import of sheet protection options (bnc#542024) - Writer bits : - OLE objects DOC import (bnc#557965) - returning from writer fullscreen mode crasher (i#107248) - OOXML bits : - regression on image DOCX import - sections DOCX import crasher (bnc#548701) - temporary make the XLSX export a separate library - wrong type and position of connector shape in XLSX import (bnc#549331) - VBA bits : - late document event crasher (bnc#558907) - mappings between imported local names and orig excel name - l10n bits : - Hungarian fixes - speed up : - bunch of useless flush calls in rdb code - page break update and printing performance (bnc#554955) - row's hidden state lookup during pagenation (bnc#554955) - Common bits : - better document status icon in the status bar - Calc bits : - more on flat_segment_tree implementation - better icons in the datapilot popup window - datapilot position in XLS export/import (i#106583) - storing custom display names for datapilot tables (i#106975) - Draw bits : - malformed Bezier curve printing (bnc#553219) - more on custom shapes gradient color (bnc#485637) - VBA bits : - more Writer VBA API - more on sheet protection - event helper crasher (bnc#438606) - find fails to wrap search when it fails (bnc#554261) - build bits : - update Google Docs and Zoho extension to version 1.9.0 - added define use_xulrunner191 that would allow to use xulrunner191 on SLED11-SP1 (bnc#540726) - speed up : - do not call `uname` during start (i#106891) - Common bits : - broken find&search dialog (bnc#552450) - broken colors in PDF export (i#106523) - erasing elements in toolkit layout code (i#106575) - Calc bits : - more on automatic adjusting decimal numbers (bnc#541973) - disable paste mode when the input mode is active (i#102456) - rot. text + border in XLS import (i#38709, bnc#549728) - Writer bits : - recorded changes editing (bnc#545815) - image size DOC export (bnc#554549, i#59648) - background color and bullet indentation DOC import (bnc#547308) - OOXML bits : - more on shapes DOCX import - VBA bits : - control name override logic - selection reset after paste - combobox binding data import in userform (bnc#539220) - build bits : - switch back to the internal saxon (bnc#547157) - features : - NLPSolver extension (fate#304653) - oooblogger extension (fate#304555) - Google Docs and Zoho extension (fate#304577) - optional icon themes (i#105062, bnc#529404, bnc#537541) - speed up : - use stringbuf in SVG export - cache fontconfig's pre-match substitution results (bnc#529532) - common bits : - XML parser crasher - opacity SVG import - WebDAV locking stuff rework - many KDE4 integration fixes - set dev-install icons to small ones - regression in WMF import (bnc#417818) - more on fontconfig/cairofont stuff - wrong kerning on Linux (bnc#464436, i#26519) - inserting uiconfiguration ( menus/toolbar ) (i#105154) - keep locks after saving documents via WebDAV (bnc#464568) - better fix for quick-starter unload crasher (i#101245) - save non-English file names with KDE4 dialog (deb#536664) - driver string action and font object EMF+ import (bnc#519715) - prevent multiple window resize when maximised (i#104469) - Base bits : - UPDATE db record failure (i#104088) - Calc bits : - selection change and status icon (bnc#548116) - range selection for RTL languages (bnc#542684) - Force-interpret formula cell results (bnc#540563) - check for the General number format type (i#46511) - broken SUBTOTAL cell function after undo (bnc#545287) - erroneous export of OCX combo box controls (bnc#540566) - automatically adjust the number of decimals (bnc#541973) - skip filtered cells during search or replace (bnc#539282) - unicode strings in external ref URIs (i#103918, i#104166) - disable context menu on non-selectable cells (bnc#542024) - SHA1 hash algorithm for sheet and doc password by default - zero bytes encryption inside cond. formatting (bnc#541058) - selection of cells on protected sheets by default (bnc#538559) - cell selection handling when cell is being edited (bnc#541269) - Draw bits : - slides printing page offset (bnc#537931) - Impress bits : - wrong text bounds - missing drag rect on mac - PPT import crasher (bnc#546758) - bullet size PPT import (bnc#515972) - dock presentation minimizer toolbar - Writer bits : - Non-breaking spaces fixes - UNO API related to fields - unknown fields DOC import (i#61075, i#89667) - allow to add param into form field during import - two consecutive text fields in DOC import (bnc#546416) - OOXML bits : - collapsed paragraphs at the end of the sections DOCX import - VML shapes missing and bad sizes in DOCX import (bnc#549300) - styles without stylesheet definition DOCX import (bnc#545717) - VBA bits : - some wae fixes - controls visibility (bnc#542132) - AutoFilterMode macro (bnc#549383) - more on transient imported autotext - misc IBM fixes (i#104203, i#103653) - support for default member with automation bridge - boolean arguments to worksheet functions (bnc#541735) - more fixes for automation (bnc#535086, bnc#535087, bnc#535088, bnc#535089) - Do While Not 'foo'='' ' causes date type mismatch (i#105321) - IsEmpty RTL function fails with non-object params (bnc#541749) - object not cleared when entering new stack frame (bnc#541755) - l10n bits : - lots fixes - Russian and Slovak autocorection update (i#91304) - split build : - install extensions MIME type icon - install startcenter.desktop (bnc#548534) - Novell bits : - use xulrunner-1.9.1 on openSUSE-11.2 - branch configuration for openSUSE-11.2 - enable EMFPlus section for SLED10 (bnc#232232) - used internal boost on SLED10, openSUSE-10.3, openSUSE-11.0
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 53784
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53784
    title openSUSE Security Update : OpenOffice_org (openSUSE-SU-2011:0337-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBREOFFICE331-110318.NASL
    description Maintenance update to LibreOffice-3.3.1. It adds some interesting features, fixes many bugs, including several security vulnerabilities. The previous OpenOffice_org packages are also renamed to libreoffice. LibreOffice is continuation of the OpenOffice.org project. This update replaces the OpenOffice.org installation, including helper packages, e.g. dictionaries, templates. The new stuff is backward compatible. List of LibreOffice-3.3 features : General - online help - common search toolbar - new easier 'Print' dialog - new easier 'Thesaurus' dialog - more options to modify letters case - added LibreOffice colors to the palette - import of alpha channel for RGBA TIFF (fdo#30472) Calc - sort dialog for DataPilot - increased document protection - insert drawing objects in charts - hierarchical axis labels for charts - automatic decimals digits for 'General' format - new tab page 'Compatibility' in the Options dialog - better performance and interoperability on Excel import - display custom names for DataPilot fields, items, and totals Writer - RTF export (GSoc) - new 'Title Page' dialog - 2-level document protection - better form controls handling - count the number of characters with and without spaces Impress/Draw - PPTX chart import feature - easier slide layout handling - presenter screen uses the laptop output by default - allow to add drawing documents to gallery via API (i#80184) Base - support explicit primary key - support of read-Only database registrations Math - new command 'nospace' Most important changes : - maintenance update (bnc#667421, MaintenanceTracker-38738) - fixed several security bugs : - PowerPoint document processing. (CVE-2010-2935 / CVE-2010-2936) - extensions and filter package files. (CVE-2010-3450) - RTF document processing. (CVE-2010-3451 / CVE-2010-3452) - Word document processing. (CVE-2010-3453 / CVE-2010-3454) - insecure LD_LIBRARY_PATH usage. (CVE-2010-3689) - PDF Import extension resulting from 3rd party library XPD. (CVE-2010-3702 / CVE-2010-3704) - PNG file processing. (CVE-2010-4253) - TGA file processing. (CVE-2010-4643) - libreoffice-3.3.1.2 == 3.3.1-rc2 == final - fixed audio/video playback in presentation (deb#612940, bnc#651250) - fixed non-working input methods in KDE4. (bnc#665112) - fixed occasional blank first slide (fdo#34533) - fixed cairo canvas edge count calculation. (bnc#647959) - defuzzed piece-packimages.diff to apply - updated to libreoffice-3.3.1.2 (3.3.1-rc2) : - l10n - updated some translations - libs-core - crashing oosplash and malformed picture. (bnc#652562) - Byref and declare Basic statement (fdo#33964, i#115716) - fixed BorderLine(2) conversion to SvxBorderLine (fdo#34226) - libs-gui - getEnglishSearchFontName() searches Takao fonts - sdk - fix ODK settings.mk to only set STLPORTLIB if needed - writer - rtfExport::HackIsWW8OrHigher(): return true (fdo#33478) - visual editor destroys formulas containing symbols (fdo#32759, fdo#32755) - enabled KDE4 support for SLED11; LO-3.3.1 fixed the remaining annoying bugs - fixed EMF+ import. (bnc#650049) - updated to libreoffice-3.3.1.1 (3.3.1-rc1) : - artwork - new MIME type icons for LibreOffice - bootstrap - wrong line break with ( (fdo#31271) - build - default formula string (n#664516) - don't version the bundled ct2n extension - last update of translations from Pootle for 3.3.1 - calc - import of cell attributes from Excel documents - incorrect page number in page preview mode (fdo#33155) - components - remove pesky on-line registration menu entry (fdo#33112) - crash on changing position of drawing object in header (rhbz#673819) - extras - start using technical.dic instead of oracle.dic (fdo#31798) - filters - pictures DOCX import. (bnc#655763) - parse 'color' property (fdo#33551) - fix ole object import for writer (DOCX) (fdo#33237) - help - OOo -> LibO on Getting Support page (fdo#33249) - libs-core - handle css::table::BorderLine - add preferred Malayalam fonts (fdo#32953) - fix KDE3 library search order (fdo#32797) - StarDesktop.terminate macro behaviour (#30879) - Sun Microsystems -> TDF in desktop file (fdo#31191) - fixed several crashes around config UNO API (fdo#33994) - implementation names weren't matching with xcu (fdo#32872) - improve the check for existence of the localized help (fdo#33258) - libs-extern - upgrade libwpd to 0.9.1 - libs-gui - painting of axial gradients (116318) - fix wrong collation for Catalan language - crash when moving through database types (fdo#32561) - paint toolbar handle positioned properly (fdo#32558) - remove the menu when Left Alt Key was pressed; for GTK - default currency for Estonia should be Euro (fdo#33160) - year of era in long format for zh_TW by default (fdo#33459) - writer - use standard Edit button width of 50 (fdo#32633) - improve formfield checkbox binary export. (bnc#660816) - infinite loop while exporting some files in DOC/DOCX/RTF - CTL/Other Default Font (i#25247, i#25561, i#48064, i#92341) - libreoffice-build-3.3.0.4 == 3.3.0-rc4 == final - updated to libreoffice-3.3.0.4 (3.3-rc4) : - common : - remove pesky on-line registration menu entry (fdo#33112) - artwork : - fix search toolbar up/down search button icons - base : - report builder not shows properties on report fields (fdo#32742) - report left/right page margin setting ignored on 64-bit (i#116187) - build : - updated translations - calc : - reverted problematic and dangerous: # performance of filters with many filtered ranges (i#116164) # obtain correct data range for external references (i#115906) - libs-core : - FMR crasher (fdo#33099) - backgrounds for polypolygons in metafile (i#116371) - unopkg crasher on SLED11-SP1. (bnc#655912) - libs-gui : - use sane scrollbar sizes when drawing - painting of axial gradients (i#116318) - do not mix unrelated X11 Visuals (fdo#33108) - avoid GetHelpText() call which can be quite heavy - writer : - fields fixes: key inputs, 0-length fields import. (bnc#657135) - replaced obsolete SuSEconfig gtk2 module call with %%icon_theme_cache_post(un) macros for openSUSE > 11.3. (bnc#663245) - updated to libreoffice-3.3.0.3 (3.3-rc3) : - build : - use libreoffice and lo* wrappers; update man pages accordingly - navigation buttons' patch selection handling (fdo#32380, bnc#649506) - calc : - bogus check for numerical sheet names (fdo#32570) - performance of filters with many filtered ranges (i#116164) - obtain correct data range for external references (i#115906) - avoid double-paste when pasting text into cell comment (fdo#32572) - components : - fix nsplugin for LibreOffice name - fixing large OOXML files (i#115944) - layout breakage for KDE, X11 and (possibly) Mac (fdo#32133) - extensions : - patching xpdf to patchlevel 3.02pl5 - extras : - creating technical.dic based on src/*.dic - filters : - small TGAReader improvement (i#164349) - PageRange handling in writer PDF export (#116085) - impress : - missing font color (rhbz#663857) - use updated anchor for group shapes (i#115898) - presentation objects on master pages (i#115993) - libs-core : - survive missing window (rhbz#666216) - better font selection in Japanese locale. - do not block when launching Firefox (fdo#32427) - show the license information in a separate dialog (fdo#32563) - make unopkg --suppress-license skip license in all cases (fdo#32840) - libs-extern-sys : - better XPATH handling (i#164350) - libs-gui : - use the initial language if not specified (fdo#32523) - clean up search cache singleton in correct order (rhbz#666088) - writer : - undo/redo crash with postits (rhbz#660342) - rearrange title dialog to get translations (fdo#32633) - move to the next record during mail merge (fdo#32790) - updated to libreoffice-3.3.0.2 (3.3-rc2) : - common : - copy & paste a text formatted cell (i#115825) - replaced http://www.openoffice.org (fdo#32169) - bootstrap : - check if KDE is >= 4.2 - cleanup unfortunate license duplication - calc : - ignore preceding spaces when parsing numbers - make the string 'New Record' localizable (fdo#32209) - remove trailing spaces too when parsing CSV simple numbers - display correct record information in Data Form dialog (fdo#32196) - components : - make the ODMA check box clickable again (fdo#32132) - fixed the sizes of Tips and Extended tips check boxes - make 'Reset help agent' button clickable again (fdo#32132) - extensions : - fix filled polygons on PDF import - filters : - performance for import of XLSX files with drawing objects (i#115940) - impress : - missing embedded object in ODP export (i#115898) - grey as default color for native tables in Impress - graphics on master page cannot be deleted (i#115993) - libs-core : - save with the proper DOC variant (fdo#32219) - removed dupe para ids introduced by copy&paste - colon needed for LD_LIBRARY_PATH set but empty - wikihelp: use the right Help ID URL (fdo#32338) - MySQL Cast(col1 as CHAR) yields error (i#115436) - import compatibility for enhanced fields names (fdo#32172) - libs-extern-sys : - XPATH handling fix - libs-gui : - PPTX import crasher. (bnc#654065) - copy&paste problem of metafiles (i#115825) - force Qt paint system to native (fdo#30991) - display problem with Vegur font (fdo#31243) - URIs must be exported as 7bit ASCII (i#115788) - regression in WMF text rendering (fdo#32236, i#115825) - postprocess : - only register EvolutionLocal when EVO support is enabled (fdo#32007) - writer : - after 'data to fields' mail merge does not work (fdo#31190) - missing outline feature in new RTF export filter (fdo#32039) - encoding of Greek letters names with accent in French (i#115956) - build bits : - better build identification in the about dialog - updated to libreoffice-3.3.0.1 (3.3-rc1) : - ooo integration : - Merge commit 'ooo/OOO330_m17' into libreoffice-3-3 - common : - more RTF import/export fixes - updated branding for rc - artwork : - fixed icons with PNG optimizations - remove remaining ODF MIME type icons - bootstrap : - Add BrOffice artwork / branding support - Do not install HTML versions of LICENSE and README - install credits file - build : - empty toolbar. (bnc#654039) - pack PostgreSQL driver as .oxt instead of .zip - calc : - avoid pasting data from OOo Calc as an OLE object - scaling factor calculation for drawing layer (i#115313) - broken filter option in Datapilot (i#115431) - 'Precision as shown' not working if automatic decimal (i#115512) - disable document modify and broadcasting of changes on range names - don't update visible ranges for invisible panes - changing margins in print preview should mark the document modified - make VLOOKUP work with an external reference once again (fdo#31718) - more strict parsing of external range names - no automatic width adjustment of the dropdown popups (fdo#31710) - re-calculate visible range when switching sheets - skip hidden cells while expanding range selection - components : - overlapping controls - bad alloc and convert to ZipIOException (rh#656191) - divide by zero (rh#657628) - extras : - use consistent autocorrect file names - filters : - fix writerfilter XSL to handle more elements - missing call to importDocumentProperties. (bnc#655194) - rotated text DOCX import (fdo#30474) - impress : - avoid antialiasing for drag rect - libs-core : - Adapted README according to list feedback - register EvolutionLocal when evolution support is enabled (fdo#32007) - crash during toolpanel re-docking - crash in FR version when typing / as first character (i#115774) - only start the quick-starter on restart - don't crash when quickstarter is exited by user (rh#650170) - shutdown quickstarter at end of desktop session (rh#650170) - exit quickstarter if physically deleted (rh#610103) - autocorrect crasher (rh#647392) - start quickstarter on every launch if configured to use it - Switch toolbar icon size to 'auto-detect' - libs-extern : - Use the new stable libwp* releases as default - libs-extern-sys : - fixed urllib.urlopen in the internal python (fdo#31466) - libs-gui : - Allow the dropdown list of a combo box to be scrollable. (fdo#31710) - PDF export regression for simple RTL cases (i#115618) - freeze with ODP import (i#115761) - make toolbar icon size native-widget controlled - use BrOffice in pt_BR locale (fdo#31770) - release the clipboard after flush (i#163153) - l10n : - BrOffice in Brazil => %PRODUCTNAME_BR for win32 installer - sdk : - correct resolveLink function (i#115310) - writer : - crash when opening File/Print dialog fixed (i#115354) - better enhanced fields navigation - allow to localize the 'My AutoText' string (i#66304) - table alignment set to 'From Left' when moving the right. (bnc#636367) - font color selection didn't effect new text. (bnc#652204) - column break DOC import problem. (bnc#652364) - build bits : - install branding for the welcome screen. (bnc#653519) - fixed URL, summary, and description for LibreOffice - bumped requires to libreoffice-branding-upstream > 3.2.99.3 - created l10n-prebuilt subpackage for prebuilt registry files. (bnc#651964) - disabled KDE3 stuff on openSUSE >= 11.2. (bnc#605472, bnc#621472) - added gcc-c++ and libxml2-devel into BuildRequires; were required by kdelibs3-devel before - updated to libreoffice-3.2.99.3 (3.3-beta3) : - ooo integration : - Merge commit 'ooo/OOO330_m13' - common : - impress ruler behaviour - add Title Page dialog (i#7065) - save 1MB on wizards per language - images optimized for smaller size - do not insert a new cell beyond the end - handle multiple selection for printing (i#115266) - remove VBAForm property and associated geometry hack (fdo#30856) - base : - key columns in all tables (i#114026) - reports executed for data display (i#114627) - calc : - non-functional select - defined names in Calc functions (i#79854) - use Ctrl-Shift-D to launch selection list - regression for range array input, e.g. {=A1:A5} - crash on importing docs with database functions - crash on importing named ranges on higher sheets - remove the 'insert new sheet' tab in read-only mode - incorrect display of references from the formula input wizard - new tab page 'Compatibility' in the Options dialog (fdo#30559) - components : - default to evolution - crash in scanner dialog (rh#648475) - extras : - added LibreOffice and Tango palettes - filters : - crash on unsupported .tiffs (i#93300) - vertical text alignment and placeholder style. (bnc#645116) - impress : - broken zoom behaviour - crash in OGL transitions - support for PPT newsflash slide transition - libs-core : - register EVO address book - more quickstarter fixes (i#108846) - missing media-type for ODF thumbnails - add credits hyperlink into about dialog - freeze when adding an extension (i#114933) - -quickstart option, and help fix (i#108846) - GNOME filepicker filter selection (i#112411) - use 'Enter Password' in all dialogs (fdo#31075) - add display properties to control shapes (i#112597) - disable user migration when SAL_DISABLE_USERMIGRATION is set - libs-gui : - disable KDE's crash handler - refresh of OLE object previews - adding font aliases (i#114706) - comparison of key events for IM - show Java error just once by default - underlining problem with Graphite fonts (i#114765) - saving tempfiles when locking is not supported. - better selection of localized font names (i#114703) - MetricFields SetUnit conversions (fdo#30899, bnc#610921) - make Presenter Screen default to the projector (i#112421) - Qt event loop integration (when Glib is used) for KDE4 vclplug - writer : - title pages (i#i66619) - more RTF import/export fixes - tables in page styles (i#114366) - round-trip of DOC unhandled fields - double-click behavior on enhanced fields - leaky pStream after RTF import (fdo#31362) - crash when choosing starmath from start screen - OLE Links round-trip fixed for links as pictures - setup XML namespaces also for footers and headers. (bnc#581954) - switched to the LibreOffice code base, http://www.documentfoundation.org/ - renamed packages from OpenOffice_org* to libreoffice* - updated to libreoffice-3.2.99.2 (3.3-beta2) : - common : - show menus in icons fixup - show all appropriate formats by default on save as (i#113141) - RenderBadPicture on multihead setups and Cairo (i#94007, i#111758) - base : - use correct table name (i#114246) - calc : - better performance on Excel doc import - components : - bound image controls (i#112659) - Appearance config dialog crasher (i#108246) - Euro converter didn't work with ODS (i#100686) - ImageURL and Graphic properties handling (i#113991) - extensions : - some reportbuilder fixes (i#114111, i#112652) - extras : - fix malformed XML file (i#111741) - add Croatian autocorrection (i#96706) - updated Hungarian standard.bau (i#112387) - eensgezinswoning replaces eensgezinswoning - add 1/2, 3/4 and 1/4 symbols to af-ZA, de, en-ZA, mn and pl - filters : - adjust for table::BorderLine2 - table DOCX import crasher (rh#632236) - misc improvements for DOCX VML import - text position bug in DOC import. (bnc#532920) - implement import of alpha channel for RGBA .tiffs (fdo#30472) - impress : - improve randomisation in 'dissolve' transition - libs-core : - add in MonoSpace setting - print the formula itself by default - extension can contain compiled help (i#114008) - no update menu entry for bundled extensions (i#113524) - prevent online update for bundled extensions (i#113524) - make search/replace of colour names with translations safer (i#110142) - libs-gui : - maths brackets misformed in presentation mode (i#113400) - better font-name localization, i.e. en fallback (i#114703) - default to UTF-8 for HTML unless we know differently (i#76649) - writer : - color problem in RTF export (fdo#30604) - crash on export of TOC to .doc (i#112384) - prevent document modification while printing (i#112518) - dotted and dashed border types (fate#307731, fate#307730) - changes from libreoffice-3.2.99.1 (3.3-beta1) : - features : - renamed to LibreOffice - based on ooo330-m7 - changed default branding - started to support the LibreOffice code base [all] - ordinal suffixes autocorrection improvements - updated Numbertext extension to version 0.9.3 - support new distros Raw, LibreOfficeLinux, LibreOfficeMacOSX, LibreOfficeWin32 - performance bits : - memory footprint during PPT import. (bnc#637925) - performance bug on row height adjustments. (bnc#640112) - common bits : - don't set header in DDE tables. (bnc#634517) - Calc bits : - cell content rendering [bnc#640128] - Excel's cell border thickness mapping. (bnc#636691) - relative and absolute references toggling. (bnc#634260) - more on the Flat MSO XML file type detection. (bnc#631993) - Writer bits : - SwXTextRange DOC import (i#112564) - table formulas DOC import. (bnc#631912) - input field fixes. (bnc#628098, bnc#623944) - OLE Links with image DOC import. (bnc#628098) - nested SET/FILLIN fields DOC import. (bnc#634478) - broken floating tables formatting in DOC import. (bnc#617593) - double-clicking on field gives 'read only' message. (bnc#639288) - OOXML bits : - text paragraph autofit PPTX import - VBA bits : - implicit indexes handling - logical operator precedence - column para for Range.Cells. (bnc#639297) - build bits : - update internal ICU to version 4.2.1 - fetch 185d60944ea767075d27247c3162b3bc-unowinreg.dll - updated to version 3.2.98.1 (3.3-alpha1) : - features : - RTF export rewrite - writer navigation - remove obsolete Industrial icon theme - common bits : - gray read-only styles (i#85003) - Accelerators for OK/Cancel buttons in GTK. (bnc#608572) - Calc bits : - cell borders not saved. (bnc#612263) - external reference rework. (bnc#628876) - Flat MSO XML file type detection. (bnc#631993) - disable custom tab colors in high contrast mode - display correct field in data pilot. (bnc#629920) - Watch Window extension doesn't show sheet name. (bnc#604638) - Draw bits : - associate application/x-wpg with oodraw. (bnc#589624) - Impress bits : - More on avmedia soundhandler (i#83753, bnc#515553) - Writer bits : - ww8 styles import (i#21939) - hairline table borders export - saving new document comparison data - Ruby in MS Word format (i#79246) - OOXML : - better internal hlinks XLSX export. (bnc#594248) - numbering roundtripping issues in DOCX. (bnc#569266) - untis translation from EMU in PPTX import. (bnc#621739) - group shapes geometry calculation in PPTX import. (bnc#621739) - many other import/export fixes and improvements - VBA bits : - changes in event handling - more container control fixes - more on invalid code name import for sheet. (bnc#507768) - build bits : - update prebuilt cli dlls for OOo-3.3 - moving ooo-build patches to ooo git sources - use --without-junit on Win32 and openSUSE < 11.2 - used the prepatched OOo sources from ooo-build git - used mozilla-xulrunner192 for openSUSE > 11.3
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 52735
    published 2011-03-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=52735
    title SuSE 11.1 Security Update : Libreoffice (SAT Patch Number 4082)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1056-1.NASL
    description Charlie Miller discovered several heap overflows in PPT processing. If a user or automated system were tricked into opening a specially crafted PPT document, a remote attacker could execute arbitrary code with user privileges. Ubuntu 10.10 was not affected. (CVE-2010-2935, CVE-2010-2936) Marc Schoenefeld discovered that directory traversal was not correctly handled in XSLT, OXT, JAR, or ZIP files. If a user or automated system were tricked into opening a specially crafted document, a remote attacker overwrite arbitrary files, possibly leading to arbitrary code execution with user privileges. (CVE-2010-3450) Dan Rosenberg discovered multiple heap overflows in RTF and DOC processing. If a user or automated system were tricked into opening a specially crafted RTF or DOC document, a remote attacker could execute arbitrary code with user privileges. (CVE-2010-3451, CVE-2010-3452, CVE-2010-3453, CVE-2010-3454) Dmitri Gribenko discovered that OpenOffice.org did not correctly handle LD_LIBRARY_PATH in various tools. If a local attacker tricked a user or automated system into using OpenOffice.org from an attacker-controlled directory, they could execute arbitrary code with user privileges. (CVE-2010-3689) Marc Schoenefeld discovered that OpenOffice.org did not correctly process PNG images. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. (CVE-2010-4253) It was discovered that OpenOffice.org did not correctly process TGA images. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. (CVE-2010-4643). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 51858
    published 2011-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51858
    title Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : openoffice.org vulnerabilities (USN-1056-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_OPENOFFICE_ORG-110330.NASL
    description Maintenance update to LibreOffice-3.3.1. It adds some interesting features, fixes many bugs, including several security vulnerabilities. The previous OpenOffice_org packages are also renamed to libreoffice. LibreOffice is continuation of the OpenOffice.org project. This update replaces the OpenOffice.org installation, including helper packages, e.g. dictionaries, templates. The new stuff is backward compatible. - fixed security bugs : - PowerPoint document processing (CVE-2010-2935, CVE-2010-2936) - extensions and filter package files (CVE-2010-3450) - RTF document processing (CVE-2010-3451, CVE-2010-3452) - Word document processing (CVE-2010-3453, CVE-2010-3454) - insecure LD_LIBRARY_PATH usage (CVE-2010-3689) - PDF Import extension resulting from 3rd party library XPD (CVE-2010-3702, CVE-2010-3704) - PNG file processing (CVE-2010-4253) - TGA file processing (CVE-2010-4643) - most important changes : - add conflicts to force migration to libreoffice - obsolete Quickstarter - enabled KDE3 support (bnc#678998) - libreoffice-3.3.1.2 == 3.3.1-rc2 == final - fixed audio/video playback in presentation (deb#612940, bnc#651250) - fixed non-working input methods in KDE4 (bnc#665112) - fixed occasional blank first slide (fdo#34533) - fixed cairo canvas edge count calculation (bnc#647959) - updated to libreoffice-3.3.1.2 (3.3.1-rc2) : - l10n - updated some translations - libs-core - crashing oosplash and malformed picture (bnc#652562) - Byref and declare Basic statement (fdo#33964, i#115716) - fixed BorderLine(2) conversion to SvxBorderLine (fdo#34226) - libs-gui - getEnglishSearchFontName() searches Takao fonts - sdk - fix ODK settings.mk to only set STLPORTLIB if needed - writer - rtfExport::HackIsWW8OrHigher(): return true (fdo#33478) - visual editor destroys formulas containing symbols (fdo#32759, fdo#32755) - enabled KDE4 support for SLED11; LO-3.3.1 fixed the remaining annoying bugs - fixed EMF+ import (bnc#650049) - updated to libreoffice-3.3.1.1 (3.3.1-rc1) : - artwork - new MIME type icons for LibreOffice - bootstrap - wrong line break with ( (fdo#31271) - build - default formula string (n#664516) - don't version the bundled ct2n extension - last update of translations from Pootle for 3.3.1 - calc - import of cell attributes from Excel documents - incorrect page number in page preview mode (fdo#33155) - components - remove pesky on-line registration menu entry (fdo#33112) - crash on changing position of drawing object in header (rhbz#673819) - extras - start using technical.dic instead of oracle.dic (fdo#31798) - filters - pictures DOCX import (bnc#655763) - parse 'color' property (fdo#33551) - fix ole object import for writer (DOCX) (fdo#33237) - help - OOo -> LibO on Getting Support page (fdo#33249) - libs-core - handle css::table::BorderLine - add preferred Malayalam fonts (fdo#32953) - fix KDE3 library search order (fdo#32797) - StarDesktop.terminate macro behaviour (#30879) - Sun Microsystems -> TDF in desktop file (fdo#31191) - fixed several crashes around config UNO API (fdo#33994) - implementation names weren't matching with xcu (fdo#32872) - improve the check for existence of the localized help (fdo#33258) - libs-extern - upgrade libwpd to 0.9.1 - libs-gui - painting of axial gradients (116318) - fix wrong collation for Catalan language - crash when moving through database types (fdo#32561) - paint toolbar handle positioned properly (fdo#32558) - remove the menu when Left Alt Key was pressed; for GTK - default currency for Estonia should be Euro (fdo#33160) - year of era in long format for zh_TW by default (fdo#33459) - writer - use standard Edit button width of 50 (fdo#32633) - improve formfield checkbox binary export (bnc#660816) - infinite loop while exporting some files in DOC/DOCX/RTF - CTL/Other Default Font (i#25247, i#25561, i#48064, i#92341) - libreoffice-build-3.3.0.4 == 3.3.0-rc4 == final - updated to libreoffice-3.3.0.4 (3.3-rc4) : - common : - remove pesky on-line registration menu entry (fdo#33112) - artwork : - fix search toolbar up/down search button icons - base : - report builder not shows properties on report fields (fdo#32742) - report left/right page margin setting ignored on 64-bit (i#116187) - build : - updated translations - calc : - reverted problematic and dangerous : - performance of filters with many filtered ranges (i#116164) - obtain correct data range for external references (i#115906) - libs-core : - FMR crasher (fdo#33099) - backgrounds for polypolygons in metafile (i#116371) - unopkg crasher on SLED11-SP1 (bnc#655912) - libs-gui : - use sane scrollbar sizes when drawing - painting of axial gradients (i#116318) - do not mix unrelated X11 Visuals (fdo#33108) - avoid GetHelpText() call which can be quite heavy - writer : - fields fixes: key inputs, 0-length fields import (bnc#657135) - replaced obsolete SuSEconfig gtk2 module call with %%icon_theme_cache_post(un) macros for openSUSE > 11.3 (bnc#663245) - updated to libreoffice-3.3.0.3 (3.3-rc3) : - build : - use libreoffice and lo* wrappers; update man pages accordingly - navigation buttons' patch selection handling (fdo#32380, bnc#649506) - calc : - bogus check for numerical sheet names (fdo#32570) - performance of filters with many filtered ranges (i#116164) - obtain correct data range for external references (i#115906) - avoid double-paste when pasting text into cell comment (fdo#32572) - components : - fix nsplugin for LibreOffice name - fixing large OOXML files (i#115944) - layout breakage for KDE, X11 and (possibly) Mac (fdo#32133) - extensions : - patching xpdf to patchlevel 3.02pl5 - extras : - creating technical.dic based on src/*.dic - filters : - small TGAReader improvement (i#164349) - PageRange handling in writer PDF export (#116085) - impress : - missing font color (rhbz#663857) - use updated anchor for group shapes (i#115898) - presentation objects on master pages (i#115993) - libs-core : - survive missing window (rhbz#666216) - better font selection in Japanese locale. - do not block when launching Firefox (fdo#32427) - show the license information in a separate dialog (fdo#32563) - make unopkg --suppress-license skip license in all cases (fdo#32840) - libs-extern-sys : - better XPATH handling (i#164350) - libs-gui : - use the initial language if not specified (fdo#32523) - clean up search cache singleton in correct order (rhbz#666088) - writer : - undo/redo crash with postits (rhbz#660342) - rearrange title dialog to get translations (fdo#32633) - move to the next record during mail merge (fdo#32790) - updated to libreoffice-3.3.0.2 (3.3-rc2) : - common : - copy & paste a text formatted cell (i#115825) - replaced http://www.openoffice.org (fdo#32169) - bootstrap : - check if KDE is >= 4.2 - cleanup unfortunate license duplication - calc : - ignore preceding spaces when parsing numbers - make the string 'New Record' localizable (fdo#32209) - remove trailing spaces too when parsing CSV simple numbers - display correct record information in Data Form dialog (fdo#32196) - components : - make the ODMA check box clickable again (fdo#32132) - fixed the sizes of Tips and Extended tips check boxes - make 'Reset help agent' button clickable again (fdo#32132) - extensions : - fix filled polygons on PDF import - filters : - performance for import of XLSX files with drawing objects (i#115940) - impress : - missing embedded object in ODP export (i#115898) - grey as default color for native tables in Impress - graphics on master page cannot be deleted (i#115993) - libs-core : - save with the proper DOC variant (fdo#32219) - removed dupe para ids introduced by copy&paste - colon needed for LD_LIBRARY_PATH set but empty - wikihelp: use the right Help ID URL (fdo#32338) - MySQL Cast(col1 as CHAR) yields error (i#115436) - import compatibility for enhanced fields names (fdo#32172) - libs-extern-sys : - XPATH handling fix - libs-gui : - PPTX import crasher (bnc#654065) - copy&paste problem of metafiles (i#115825) - force Qt paint system to native (fdo#30991) - display problem with Vegur font (fdo#31243) - URIs must be exported as 7bit ASCII (i#115788) - regression in WMF text rendering (fdo#32236, i#115825) - postprocess : - only register EvolutionLocal when EVO support is enabled (fdo#32007) - writer : - after 'data to fields' mail merge does not work (fdo#31190) - missing outline feature in new RTF export filter (fdo#32039) - encoding of Greek letters names with accent in French (i#115956) - build bits : - better build identification in the about dialog - updated to libreoffice-3.3.0.1 (3.3-rc1) : - ooo integration : - Merge commit 'ooo/OOO330_m17' into libreoffice-3-3 - common : - more RTF import/export fixes - updated branding for rc - artwork : - fixed icons with PNG optimizations - remove remaining ODF MIME type icons - bootstrap : - Add BrOffice artwork / branding support - Do not install HTML versions of LICENSE and README - install credits file - build : - empty toolbar (bnc#654039) - pack PostgreSQL driver as .oxt instead of .zip - calc : - avoid pasting data from OOo Calc as an OLE object - scaling factor calculation for drawing layer (i#115313) - broken filter option in Datapilot (i#115431) - 'Precision as shown' not working if automatic decimal (i#115512) - disable document modify and broadcasting of changes on range names - don't update visible ranges for invisible panes - changing margins in print preview should mark the document modified - make VLOOKUP work with an external reference once again (fdo#31718) - more strict parsing of external range names - no automatic width adjustment of the dropdown popups (fdo#31710) - re-calculate visible range when switching sheets - skip hidden cells while expanding range selection - components : - overlapping controls - bad alloc and convert to ZipIOException (rh#656191) - divide by zero (rh#657628) - extras : - use consistent autocorrect file names - filters : - fix writerfilter XSL to handle more elements - missing call to importDocumentProperties (bnc#655194) - rotated text DOCX import (fdo#30474) - impress : - avoid antialiasing for drag rect - libs-core : - Adapted README according to list feedback - register EvolutionLocal when evolution support is enabled (fdo#32007) - crash during toolpanel re-docking - crash in FR version when typing / as first character (i#115774) - only start the quick-starter on restart - don't crash when quickstarter is exited by user (rh#650170) - shutdown quickstarter at end of desktop session (rh#650170) - exit quickstarter if physically deleted (rh#610103) - autocorrect crasher (rh#647392) - start quickstarter on every launch if configured to use it - Switch toolbar icon size to 'auto-detect' - libs-extern : - Use the new stable libwp* releases as default - libs-extern-sys : - fixed urllib.urlopen in the internal python (fdo#31466) - libs-gui : - Allow the dropdown list of a combo box to be scrollable. (fdo#31710) - PDF export regression for simple RTL cases (i#115618) - freeze with ODP import (i#115761) - make toolbar icon size native-widget controlled - use BrOffice in pt_BR locale (fdo#31770) - release the clipboard after flush (i#163153) - l10n : - BrOffice in Brazil => %PRODUCTNAME_BR for win32 installer - sdk : - correct resolveLink function (i#115310) - writer : - crash when opening File/Print dialog fixed (i#115354) - better enhanced fields navigation - allow to localize the 'My AutoText' string (i#66304) - table alignment set to 'From Left' when moving the right (bnc#636367) - font color selection didn't effect new text (bnc#652204) - column break DOC import problem (bnc#652364) - build bits : - install branding for the welcome screen (bnc#653519) - fixed URL, summary, and description for LibreOffice - bumped requires to libreoffice-branding-upstream > 3.2.99.3 - created l10n-prebuilt subpackage for prebuilt registry files (bnc#651964) - disabled KDE3 stuff on openSUSE >= 11.2 (bnc#605472, bnc#621472) - added gcc-c++ and libxml2-devel into BuildRequires; were required by kdelibs3-devel before - updated to libreoffice-3.2.99.3 (3.3-beta3) : - ooo integration : - Merge commit 'ooo/OOO330_m13' - common : - impress ruler behaviour - add Title Page dialog (i#7065) - save 1MB on wizards per language - images optimized for smaller size - do not insert a new cell beyond the end - handle multiple selection for printing (i#115266) - remove VBAForm property and associated geometry hack (fdo#30856) - base : - key columns in all tables (i#114026) - reports executed for data display (i#114627) - calc : - non-functional select - defined names in Calc functions (i#79854) - use Ctrl-Shift-D to launch selection list - regression for range array input, e.g. {=A1:A5} - crash on importing docs with database functions - crash on importing named ranges on higher sheets - remove the 'insert new sheet' tab in read-only mode - incorrect display of references from the formula input wizard - new tab page 'Compatibility' in the Options dialog (fdo#30559) - components : - default to evolution - crash in scanner dialog (rh#648475) - extras : - added LibreOffice and Tango palettes - filters : - crash on unsupported .tiffs (i#93300) - vertical text alignment and placeholder style (bnc#645116) - impress : - broken zoom behaviour - crash in OGL transitions - support for PPT newsflash slide transition - libs-core : - register EVO address book - more quickstarter fixes (i#108846) - missing media-type for ODF thumbnails - add credits hyperlink into about dialog - freeze when adding an extension (i#114933) - -quickstart option, and help fix (i#108846) - GNOME filepicker filter selection (i#112411) - use 'Enter Password' in all dialogs (fdo#31075) - add display properties to control shapes (i#112597) - disable user migration when SAL_DISABLE_USERMIGRATION is set - libs-gui : - disable KDE's crash handler - refresh of OLE object previews - adding font aliases (i#114706) - comparison of key events for IM - show Java error just once by default - underlining problem with Graphite fonts (i#114765) - saving tempfiles when locking is not supported. - better selection of localized font names (i#114703) - MetricFields SetUnit conversions (fdo#30899, bnc#610921) - make Presenter Screen default to the projector (i#112421) - Qt event loop integration (when Glib is used) for KDE4 vclplug - writer : - title pages (i#i66619) - more RTF import/export fixes - tables in page styles (i#114366) - round-trip of DOC unhandled fields - double-click behavior on enhanced fields - leaky pStream after RTF import (fdo#31362) - crash when choosing starmath from start screen - OLE Links round-trip fixed for links as pictures - setup XML namespaces also for footers and headers (bnc#581954) - switched to the LibreOffice code base, http://www.documentfoundation.org/ - renamed packages from OpenOffice_org* to libreoffice* - updated to libreoffice-3.2.99.2 (3.3-beta2) : - common : - show menus in icons fixup - show all appropriate formats by default on save as (i#113141) - RenderBadPicture on multihead setups and Cairo (i#94007, i#111758) - base : - use correct table name (i#114246) - calc : - better performance on Excel doc import - components : - bound image controls (i#112659) - Appearance config dialog crasher (i#108246) - Euro converter didn't work with ODS (i#100686) - ImageURL and Graphic properties handling (i#113991) - extensions : - some reportbuilder fixes (i#114111, i#112652) - extras : - fix malformed XML file (i#111741) - add Croatian autocorrection (i#96706) - updated Hungarian standard.bau (i#112387) - eensgezinswoning replaces eensgezinswoning - add 1/2, 3/4 and 1/4 symbols to af-ZA, de, en-ZA, mn and pl - filters : - adjust for table::BorderLine2 - table DOCX import crasher (rh#632236) - misc improvements for DOCX VML import - text position bug in DOC import (bnc#532920) - implement import of alpha channel for RGBA .tiffs (fdo#30472) - impress : - improve randomisation in 'dissolve' transition - libs-core : - add in MonoSpace setting - print the formula itself by default - extension can contain compiled help (i#114008) - no update menu entry for bundled extensions (i#113524) - prevent online update for bundled extensions (i#113524) - make search/replace of colour names with translations safer (i#110142) - libs-gui : - maths brackets misformed in presentation mode (i#113400) - better font-name localization, i.e. en fallback (i#114703) - default to UTF-8 for HTML unless we know differently (i#76649) - writer : - color problem in RTF export (fdo#30604) - crash on export of TOC to .doc (i#112384) - prevent document modification while printing (i#112518) - dotted and dashed border types (fate#307731, fate#307730) - changes from libreoffice-3.2.99.1 (3.3-beta1) : - features : - renamed to LibreOffice - based on ooo330-m7 - changed default branding - started to support the LibreOffice code base [all] - ordinal suffixes autocorrection improvements - updated Numbertext extension to version 0.9.3 - support new distros Raw, LibreOfficeLinux, LibreOfficeMacOSX, LibreOfficeWin32 - performance bits : - memory footprint during PPT import (bnc#637925) - performance bug on row height adjustments (bnc#640112) - common bits : - don't set header in DDE tables (bnc#634517) - Calc bits : - cell content rendering [bnc#640128] - Excel's cell border thickness mapping (bnc#636691) - relative and absolute references toggling (bnc#634260) - more on the Flat MSO XML file type detection (bnc#631993) - Writer bits : - SwXTextRange DOC import (i#112564) - table formulas DOC import (bnc#631912) - input field fixes (bnc#628098, bnc#623944) - OLE Links with image DOC import (bnc#628098) - nested SET/FILLIN fields DOC import (bnc#634478) - broken floating tables formatting in DOC import (bnc#617593) - double-clicking on field gives 'read only' message (bnc#639288) - OOXML bits : - text paragraph autofit PPTX import - VBA bits : - implicit indexes handling - logical operator precedence - column para for Range.Cells (bnc#639297) - build bits : - update internal ICU to version 4.2.1 - fetch 185d60944ea767075d27247c3162b3bc-unowinreg.dll - updated to version 3.2.98.1 (3.3-alpha1) : - features : - RTF export rewrite - writer navigation - remove obsolete Industrial icon theme - common bits : - gray read-only styles (i#85003) - Accelerators for OK/Cancel buttons in GTK (bnc#608572) - Calc bits : - cell borders not saved (bnc#612263) - external reference rework (bnc#628876) - Flat MSO XML file type detection (bnc#631993) - disable custom tab colors in high contrast mode - display correct field in data pilot (bnc#629920) - Watch Window extension doesn't show sheet name (bnc#604638) - Draw bits : - associate application/x-wpg with oodraw (bnc#589624) - Impress bits : - More on avmedia soundhandler (i#83753, bnc#515553) - Writer bits : - ww8 styles import (i#21939) - hairline table borders export - saving new document comparison data - Ruby in MS Word format (i#79246) - OOXML : - better internal hlinks XLSX export (bnc#594248) - numbering roundtripping issues in DOCX (bnc#569266) - untis translation from EMU in PPTX import (bnc#621739) - group shapes geometry calculation in PPTX import (bnc#621739) - many other import/export fixes and improvements - VBA bits : - changes in event handling - more container control fixes - more on invalid code name import for sheet (bnc#507768) - build bits : - update prebuilt cli dlls for OOo-3.3 - moving ooo-build patches to ooo git sources - use --without-junit on Win32 and openSUSE < 11.2 - used the prepatched OOo sources from ooo-build git - used mozilla-xulrunner192 for openSUSE > 11.3 MaintenanceTracker-35044, CVE-2010-2935, CVE-2010-2936) : - Calc bits : - custom field names handling in Data Pilot (bnc#634974) - remember 'sort by' selection in Data Pilot (bnc#634974) - more on the Flat MSO XML file type detection (bnc#631993) - Impress bits : - cairocanvas border treatment (bnc#629546, rh#557317) MaintenanceTracker-35044, CVE-2010-2935, CVE-2010-2936) : - security fixes : - two impress vulnerabilities (CVE-2010-2935, CVE-2010-2936, bnc#629085) - common bits : - honour ure-link in SDK configure.pl - macro recording crasher (i#113084) [upstream, Rene] - Calc bits : - DataPilot sort by ID (bnc#622920) - Flat MSO XML file type detection (bnc#527738) - DDE linkage upon loading documents (bnc#618846, bnc#618864) - file name as sheet name in Excel 2.1 docs import (bnc#612902) - Draw bits : - random extra arrows around the custom shape (i#105654) - Impress bits : - slideshow clipping (i#112422) - cairocanvas border treatment (bnc#629546, rh#557317) - Writer bits : - input field fixes (bnc#628098, bnc#623944) - non-breaking space erasing freeze (i#i113461) [upstream, Rene] - broken floating tables formatting in DOC import (bnc#617593) - Netbooks bits : - decorate help window (bnc#621116) - more restrictive top level document window check (bnc#607735) - reduce height of PDF export and recovery dialogs (bnc#623352) - Win32 bits : - allow view 'details' in File Open dialog on XP (bnc#620924) - l10n bits : - non-localized Tools/Options/OOo Writer/Comparison (bnc#615000)
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 75687
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75687
    title openSUSE Security Update : OpenOffice_org (openSUSE-SU-2011:0336-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_OPENOFFICE_ORG-100907.NASL
    description Specially crafted ppt files could cause a heap-based buffer overflow in OpenOffice_org Impress. Attackers could exploit that to crash OpenOffice_org or potentially even execute arbitrary code. (CVE-2010-2935 / CVE-2010-2936) This update also fixes numerous non-security bugs. Please refer to the package changelog for details.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 50878
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50878
    title SuSE 11 / 11.1 Security Update : OpenOffice_org (SAT Patch Numbers 3087 / 3089)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_OPENOFFICE_ORG-DRAW-100906.NASL
    description Specially crafted ppt files could cause a heap based buffer overflow in OpenOffice_org Impress. Attackers could exploit that to crash OpenOffice_org or potentially even execute arbitrary code (CVE-2010-2935, CVE-2010-2936).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75688
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75688
    title openSUSE Security Update : OpenOffice_org-draw (openSUSE-SU-2010:0732-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0643.NASL
    description Updated openoffice.org packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2935) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org Impress processed polygons in input documents. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when opened, would cause OpenOffice.org Impress to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org Impress. (CVE-2010-2936) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported patches to correct these issues. For Red Hat Enterprise Linux 3, this erratum provides updated openoffice.org packages. For Red Hat Enterprise Linux 4, this erratum provides updated openoffice.org and openoffice.org2 packages. All running instances of OpenOffice.org applications must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 48423
    published 2010-08-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48423
    title RHEL 3 / 4 : openoffice.org (RHSA-2010:0643)
oval via4
accepted 2011-08-15T04:00:05.416-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Dragos Prisaca
    organization Symantec Corporation
  • name Preeti Subramanian
    organization SecPod Technologies
  • name Jonathan Baker
    organization The MITRE Corporation
definition_extensions
comment OpenOffice.org is installed
oval oval:org.mitre.oval:def:12053
description Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow.
family windows
id oval:org.mitre.oval:def:12144
status accepted
submitted 2010-09-08T12:12:46
title Heap-based buffer overflow in OpenOffice.org version 3.2.1
version 10
redhat via4
advisories
bugzilla
id 622555
title CVE-2010-2936 OpenOffice.org: Heap-based buffer overflow by parsing specially-crafted Microsoft PowerPoint document
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhba:tst:20070026001
    • OR
      • AND
        • comment openoffice.org is earlier than 0:1.1.2-48.2.0.EL3
          oval oval:com.redhat.rhsa:tst:20100643002
        • comment openoffice.org is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070001003
      • AND
        • comment openoffice.org-i18n is earlier than 0:1.1.2-48.2.0.EL3
          oval oval:com.redhat.rhsa:tst:20100643006
        • comment openoffice.org-i18n is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070001007
      • AND
        • comment openoffice.org-libs is earlier than 0:1.1.2-48.2.0.EL3
          oval oval:com.redhat.rhsa:tst:20100643004
        • comment openoffice.org-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070001005
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • OR
      • AND
        • comment openoffice.org2-base is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643029
        • comment openoffice.org2-base is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406097
      • AND
        • comment openoffice.org2-calc is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643065
        • comment openoffice.org2-calc is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406073
      • AND
        • comment openoffice.org2-core is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643049
        • comment openoffice.org2-core is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406095
      • AND
        • comment openoffice.org2-draw is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643039
        • comment openoffice.org2-draw is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406129
      • AND
        • comment openoffice.org2-emailmerge is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643081
        • comment openoffice.org2-emailmerge is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406105
      • AND
        • comment openoffice.org2-graphicfilter is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643123
        • comment openoffice.org2-graphicfilter is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406067
      • AND
        • comment openoffice.org2-impress is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643111
        • comment openoffice.org2-impress is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406069
      • AND
        • comment openoffice.org2-javafilter is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643013
        • comment openoffice.org2-javafilter is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406049
      • AND
        • comment openoffice.org2-langpack-af_ZA is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643057
        • comment openoffice.org2-langpack-af_ZA is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406103
      • AND
        • comment openoffice.org2-langpack-ar is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643031
        • comment openoffice.org2-langpack-ar is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406037
      • AND
        • comment openoffice.org2-langpack-bg_BG is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643015
        • comment openoffice.org2-langpack-bg_BG is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406099
      • AND
        • comment openoffice.org2-langpack-bn is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643121
        • comment openoffice.org2-langpack-bn is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406035
      • AND
        • comment openoffice.org2-langpack-ca_ES is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643023
        • comment openoffice.org2-langpack-ca_ES is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406047
      • AND
        • comment openoffice.org2-langpack-cs_CZ is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643103
        • comment openoffice.org2-langpack-cs_CZ is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406109
      • AND
        • comment openoffice.org2-langpack-cy_GB is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643047
        • comment openoffice.org2-langpack-cy_GB is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406027
      • AND
        • comment openoffice.org2-langpack-da_DK is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643113
        • comment openoffice.org2-langpack-da_DK is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406125
      • AND
        • comment openoffice.org2-langpack-de is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643021
        • comment openoffice.org2-langpack-de is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406119
      • AND
        • comment openoffice.org2-langpack-el_GR is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643085
        • comment openoffice.org2-langpack-el_GR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406127
      • AND
        • comment openoffice.org2-langpack-es is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643119
        • comment openoffice.org2-langpack-es is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406071
      • AND
        • comment openoffice.org2-langpack-et_EE is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643097
        • comment openoffice.org2-langpack-et_EE is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406061
      • AND
        • comment openoffice.org2-langpack-eu_ES is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643077
        • comment openoffice.org2-langpack-eu_ES is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406019
      • AND
        • comment openoffice.org2-langpack-fi_FI is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643093
        • comment openoffice.org2-langpack-fi_FI is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406117
      • AND
        • comment openoffice.org2-langpack-fr is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643109
        • comment openoffice.org2-langpack-fr is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406123
      • AND
        • comment openoffice.org2-langpack-ga_IE is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643061
        • comment openoffice.org2-langpack-ga_IE is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406053
      • AND
        • comment openoffice.org2-langpack-gl_ES is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643009
        • comment openoffice.org2-langpack-gl_ES is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406041
      • AND
        • comment openoffice.org2-langpack-gu_IN is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643073
        • comment openoffice.org2-langpack-gu_IN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406087
      • AND
        • comment openoffice.org2-langpack-he_IL is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643019
        • comment openoffice.org2-langpack-he_IL is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406083
      • AND
        • comment openoffice.org2-langpack-hi_IN is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643071
        • comment openoffice.org2-langpack-hi_IN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406017
      • AND
        • comment openoffice.org2-langpack-hr_HR is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643089
        • comment openoffice.org2-langpack-hr_HR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406121
      • AND
        • comment openoffice.org2-langpack-hu_HU is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643099
        • comment openoffice.org2-langpack-hu_HU is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406023
      • AND
        • comment openoffice.org2-langpack-it is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643083
        • comment openoffice.org2-langpack-it is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406043
      • AND
        • comment openoffice.org2-langpack-ja_JP is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643107
        • comment openoffice.org2-langpack-ja_JP is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406055
      • AND
        • comment openoffice.org2-langpack-ko_KR is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643115
        • comment openoffice.org2-langpack-ko_KR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406079
      • AND
        • comment openoffice.org2-langpack-lt_LT is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643101
        • comment openoffice.org2-langpack-lt_LT is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406077
      • AND
        • comment openoffice.org2-langpack-ms_MY is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643105
        • comment openoffice.org2-langpack-ms_MY is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406021
      • AND
        • comment openoffice.org2-langpack-nb_NO is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643117
        • comment openoffice.org2-langpack-nb_NO is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406111
      • AND
        • comment openoffice.org2-langpack-nl is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643079
        • comment openoffice.org2-langpack-nl is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406039
      • AND
        • comment openoffice.org2-langpack-nn_NO is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643069
        • comment openoffice.org2-langpack-nn_NO is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406031
      • AND
        • comment openoffice.org2-langpack-pa_IN is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643041
        • comment openoffice.org2-langpack-pa_IN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406025
      • AND
        • comment openoffice.org2-langpack-pl_PL is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643051
        • comment openoffice.org2-langpack-pl_PL is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406075
      • AND
        • comment openoffice.org2-langpack-pt_BR is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643087
        • comment openoffice.org2-langpack-pt_BR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406101
      • AND
        • comment openoffice.org2-langpack-pt_PT is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643017
        • comment openoffice.org2-langpack-pt_PT is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406113
      • AND
        • comment openoffice.org2-langpack-ru is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643059
        • comment openoffice.org2-langpack-ru is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406091
      • AND
        • comment openoffice.org2-langpack-sk_SK is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643035
        • comment openoffice.org2-langpack-sk_SK is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406059
      • AND
        • comment openoffice.org2-langpack-sl_SI is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643011
        • comment openoffice.org2-langpack-sl_SI is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406051
      • AND
        • comment openoffice.org2-langpack-sr_CS is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643043
        • comment openoffice.org2-langpack-sr_CS is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406107
      • AND
        • comment openoffice.org2-langpack-sv is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643033
        • comment openoffice.org2-langpack-sv is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406093
      • AND
        • comment openoffice.org2-langpack-ta_IN is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643025
        • comment openoffice.org2-langpack-ta_IN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406015
      • AND
        • comment openoffice.org2-langpack-th_TH is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643091
        • comment openoffice.org2-langpack-th_TH is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406085
      • AND
        • comment openoffice.org2-langpack-tr_TR is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643037
        • comment openoffice.org2-langpack-tr_TR is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406081
      • AND
        • comment openoffice.org2-langpack-zh_CN is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643045
        • comment openoffice.org2-langpack-zh_CN is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406029
      • AND
        • comment openoffice.org2-langpack-zh_TW is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643067
        • comment openoffice.org2-langpack-zh_TW is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406089
      • AND
        • comment openoffice.org2-langpack-zu_ZA is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643095
        • comment openoffice.org2-langpack-zu_ZA is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406063
      • AND
        • comment openoffice.org2-math is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643053
        • comment openoffice.org2-math is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406065
      • AND
        • comment openoffice.org2-pyuno is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643063
        • comment openoffice.org2-pyuno is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406045
      • AND
        • comment openoffice.org2-testtools is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643075
        • comment openoffice.org2-testtools is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406033
      • AND
        • comment openoffice.org2-writer is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643027
        • comment openoffice.org2-writer is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406115
      • AND
        • comment openoffice.org2-xsltfilter is earlier than 1:2.0.4-5.7.0.6.1.el4_8.6
          oval oval:com.redhat.rhsa:tst:20100643055
        • comment openoffice.org2-xsltfilter is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070406057
      • AND
        • comment openoffice.org is earlier than 0:1.1.5-10.6.0.7.EL4.5
          oval oval:com.redhat.rhsa:tst:20100643125
        • comment openoffice.org is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070001003
      • AND
        • comment openoffice.org-i18n is earlier than 0:1.1.5-10.6.0.7.EL4.5
          oval oval:com.redhat.rhsa:tst:20100643126
        • comment openoffice.org-i18n is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070001007
      • AND
        • comment openoffice.org-kde is earlier than 0:1.1.5-10.6.0.7.EL4.5
          oval oval:com.redhat.rhsa:tst:20100643128
        • comment openoffice.org-kde is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070001012
      • AND
        • comment openoffice.org-libs is earlier than 0:1.1.5-10.6.0.7.EL4.5
          oval oval:com.redhat.rhsa:tst:20100643127
        • comment openoffice.org-libs is signed with Red Hat master key
          oval oval:com.redhat.rhsa:tst:20070001005
rhsa
id RHSA-2010:0643
released 2010-08-23
severity Important
title RHSA-2010:0643: openoffice.org security update (Important)
rpms
  • openoffice.org-0:1.1.2-48.2.0.EL3
  • openoffice.org-i18n-0:1.1.2-48.2.0.EL3
  • openoffice.org-libs-0:1.1.2-48.2.0.EL3
  • openoffice.org2-base-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-calc-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-core-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-draw-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-emailmerge-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-graphicfilter-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-impress-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-javafilter-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-af_ZA-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-ar-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-bg_BG-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-bn-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-ca_ES-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-cs_CZ-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-cy_GB-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-da_DK-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-de-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-el_GR-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-es-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-et_EE-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-eu_ES-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-fi_FI-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-fr-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-ga_IE-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-gl_ES-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-gu_IN-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-he_IL-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-hi_IN-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-hr_HR-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-hu_HU-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-it-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-ja_JP-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-ko_KR-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-lt_LT-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-ms_MY-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-nb_NO-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-nl-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-nn_NO-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-pa_IN-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-pl_PL-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-pt_BR-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-pt_PT-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-ru-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-sk_SK-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-sl_SI-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-sr_CS-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-sv-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-ta_IN-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-th_TH-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-tr_TR-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-zh_CN-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-zh_TW-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-langpack-zu_ZA-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-math-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-pyuno-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-testtools-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-writer-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org2-xsltfilter-1:2.0.4-5.7.0.6.1.el4_8.6
  • openoffice.org-0:1.1.5-10.6.0.7.EL4.5
  • openoffice.org-i18n-0:1.1.5-10.6.0.7.EL4.5
  • openoffice.org-kde-0:1.1.5-10.6.0.7.EL4.5
  • openoffice.org-libs-0:1.1.5-10.6.0.7.EL4.5
refmap via4
confirm
debian DSA-2099
gentoo GLSA-201408-19
mandriva MDVSA-2010:221
misc http://securityevaluators.com/files/papers/CrashAnalysis.pdf
mlist
  • [dev] 20100806 Two exploitable OpenOffice.org bugs!
  • [oss-security] 20100811 CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow
  • [oss-security] 20100811 Re: CVE Request -- OpenOffice.org [two ids]: 1, integer truncation error 2, short integer overflow
sectrack
  • 1024352
  • 1024976
secunia
  • 40775
  • 41052
  • 41235
  • 42927
  • 43105
  • 60799
suse
  • SUSE-SR:2010:019
  • SUSE-SR:2010:024
ubuntu USN-1056-1
vupen
  • ADV-2010-2003
  • ADV-2010-2149
  • ADV-2010-2228
  • ADV-2010-2905
  • ADV-2011-0150
  • ADV-2011-0230
  • ADV-2011-0279
Last major update 24-10-2014 - 02:02
Published 25-08-2010 - 16:00
Last modified 18-09-2017 - 21:31
Back to Top