MDKSA-2004:103 - Updated OpenOffice.org packages fix temporary file vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: MDKSA-2004:103 - Updated OpenOffice.org packages fix temporary file vulnerabilities
From: Mandrake Linux Security Team <security@xxxxxxxxxxxxxxxxxx>
Date: 28 Sep 2004 06:52:30 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           OpenOffice.org
 Advisory ID:            MDKSA-2004:103
 Date:                   September 27th, 2004

 Affected versions:      10.0
 ______________________________________________________________________

 Problem Description:

 A vulnerability in OpenOffice.org was reported by pmladek where a
 local user may be able to obtain and read documents that belong to
 another user.  The way that OpenOffice.org created temporary files,
 which used the user's umask to create the file, could potentially
 allow for other users to have read access to the document (again,
 dependant upon the user's umask).
 
 The updated packages have been patched to prevent this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 6dcdf713f9b86b9fb8c1d2a652aca05c  
10.0/RPMS/OpenOffice.org-1.1.2-8.100mdk.i586.rpm
 82586f5dd2c3b873442086174d17263b  
10.0/RPMS/OpenOffice.org-help-cs-1.1.2-8.100mdk.i586.rpm
 e9c7967557e4aa63203475126c922470  
10.0/RPMS/OpenOffice.org-help-de-1.1.2-8.100mdk.i586.rpm
 91e537d10cc754b4b1c89fb4e48580d8  
10.0/RPMS/OpenOffice.org-help-en-1.1.2-8.100mdk.i586.rpm
 988366f3e410d001567ddefd2c855c8f  
10.0/RPMS/OpenOffice.org-help-es-1.1.2-8.100mdk.i586.rpm
 ecdb9c92c23f33c4548bd5f8e6d15e89  
10.0/RPMS/OpenOffice.org-help-eu-1.1.2-8.100mdk.i586.rpm
 34398abee71ee44bbd73f8999cc927fa  
10.0/RPMS/OpenOffice.org-help-fi-1.1.2-8.100mdk.i586.rpm
 7dfda7c433d14a852004de3233a649e8  
10.0/RPMS/OpenOffice.org-help-fr-1.1.2-8.100mdk.i586.rpm
 d95e356f7327acfe7db669ef86ad3145  
10.0/RPMS/OpenOffice.org-help-it-1.1.2-8.100mdk.i586.rpm
 e59ed8acd4a2e287545a59d87b330580  
10.0/RPMS/OpenOffice.org-help-ja-1.1.2-8.100mdk.i586.rpm
 b859c002405c021e32ff9bb43c0f6c6d  
10.0/RPMS/OpenOffice.org-help-ko-1.1.2-8.100mdk.i586.rpm
 1a31ed1c4fae0193cc55a70ae65f0045  
10.0/RPMS/OpenOffice.org-help-nl-1.1.2-8.100mdk.i586.rpm
 10118f1f329abbfcdc6d0123f07e7400  
10.0/RPMS/OpenOffice.org-help-ru-1.1.2-8.100mdk.i586.rpm
 8258eeb4b6db30fad630655197b841ef  
10.0/RPMS/OpenOffice.org-help-sk-1.1.2-8.100mdk.i586.rpm
 4b2f8b6890d6cce15416bd30e4e0286d  
10.0/RPMS/OpenOffice.org-help-sv-1.1.2-8.100mdk.i586.rpm
 dab28c6494f154cc65b669e1817be46f  
10.0/RPMS/OpenOffice.org-help-zh_CN-1.1.2-8.100mdk.i586.rpm
 50f2019f947e8ec8997667d4e63d20a1  
10.0/RPMS/OpenOffice.org-help-zh_TW-1.1.2-8.100mdk.i586.rpm
 6a6b435b956973b166128212b7d663d4  
10.0/RPMS/OpenOffice.org-l10n-ar-1.1.2-8.100mdk.i586.rpm
 ac19524d6f8a9672e3c60e324c081d64  
10.0/RPMS/OpenOffice.org-l10n-ca-1.1.2-8.100mdk.i586.rpm
 94ac592c89da0ce121b5de7e8de9e974  
10.0/RPMS/OpenOffice.org-l10n-cs-1.1.2-8.100mdk.i586.rpm
 2354116aebb06ae56f40eb306dccb7ea  
10.0/RPMS/OpenOffice.org-l10n-da-1.1.2-8.100mdk.i586.rpm
 cb268d3ab6be233d79c16b20903c33c6  
10.0/RPMS/OpenOffice.org-l10n-de-1.1.2-8.100mdk.i586.rpm
 bd12ab884f02324e42367dfb5271c688  
10.0/RPMS/OpenOffice.org-l10n-el-1.1.2-8.100mdk.i586.rpm
 314e3e1a45e2968ffbf7f1ec6a5487cd  
10.0/RPMS/OpenOffice.org-l10n-en-1.1.2-8.100mdk.i586.rpm
 2833ed7bd2f95f788e2dfeac729f2473  
10.0/RPMS/OpenOffice.org-l10n-es-1.1.2-8.100mdk.i586.rpm
 6c9e53a4daf5f1f872556f2e374b742c  
10.0/RPMS/OpenOffice.org-l10n-et-1.1.2-8.100mdk.i586.rpm
 d3c53b97c8d3a765c55599be649d5a30  
10.0/RPMS/OpenOffice.org-l10n-eu-1.1.2-8.100mdk.i586.rpm
 08705cc3571f13e0c115b5e6b0f10cdc  
10.0/RPMS/OpenOffice.org-l10n-fi-1.1.2-8.100mdk.i586.rpm
 95374fe47baf5807c0e523554c9a4a4d  
10.0/RPMS/OpenOffice.org-l10n-fr-1.1.2-8.100mdk.i586.rpm
 70b73f0f2c6e2f35933568be3b642f8c  
10.0/RPMS/OpenOffice.org-l10n-it-1.1.2-8.100mdk.i586.rpm
 83fdca6056dfd504917d491f4b8166c1  
10.0/RPMS/OpenOffice.org-l10n-ja-1.1.2-8.100mdk.i586.rpm
 2fb3b05070d2928f0ca2357adf1749d5  
10.0/RPMS/OpenOffice.org-l10n-ko-1.1.2-8.100mdk.i586.rpm
 ff994fed500ce3a68228ecb38d09b7e1  
10.0/RPMS/OpenOffice.org-l10n-nb-1.1.2-8.100mdk.i586.rpm
 cb0d8319d68c935c7a28e263bc4cd84f  
10.0/RPMS/OpenOffice.org-l10n-nl-1.1.2-8.100mdk.i586.rpm
 8d29108101a3d6f63e28f63cc3df3577  
10.0/RPMS/OpenOffice.org-l10n-nn-1.1.2-8.100mdk.i586.rpm
 2e1c5879febfd8507b0a9d973e6cc855  
10.0/RPMS/OpenOffice.org-l10n-pl-1.1.2-8.100mdk.i586.rpm
 097d9e64dbd3487d58efc724d0db958a  
10.0/RPMS/OpenOffice.org-l10n-pt-1.1.2-8.100mdk.i586.rpm
 69d94c008dfaf2993dc5106d44704b6e  
10.0/RPMS/OpenOffice.org-l10n-pt_BR-1.1.2-8.100mdk.i586.rpm
 a058aa946632b9578f24d2aa5d98c708  
10.0/RPMS/OpenOffice.org-l10n-ru-1.1.2-8.100mdk.i586.rpm
 8e541d03cec5d83e206845a3384b8aba  
10.0/RPMS/OpenOffice.org-l10n-sk-1.1.2-8.100mdk.i586.rpm
 a730904f48b2595ded3dbc52890c0f5b  
10.0/RPMS/OpenOffice.org-l10n-sv-1.1.2-8.100mdk.i586.rpm
 e1476628aa0e5d044e7ef5ae19105b4f  
10.0/RPMS/OpenOffice.org-l10n-tr-1.1.2-8.100mdk.i586.rpm
 91324079d5e05b18bf7a39b52dc4ddd1  
10.0/RPMS/OpenOffice.org-l10n-zh_CN-1.1.2-8.100mdk.i586.rpm
 e31bc4300a938e2aed4ab516b9e90cc8  
10.0/RPMS/OpenOffice.org-l10n-zh_TW-1.1.2-8.100mdk.i586.rpm
 d5c134900a302525f24b44d2d0edb2b2  
10.0/RPMS/OpenOffice.org-libs-1.1.2-8.100mdk.i586.rpm
 56fb619d14aae1230983490f93db8353  
10.0/SRPMS/OpenOffice.org-1.1.2-8.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 6dcdf713f9b86b9fb8c1d2a652aca05c  
amd64/10.0/RPMS/OpenOffice.org-1.1.2-8.100mdk.i586.rpm
 82586f5dd2c3b873442086174d17263b  
amd64/10.0/RPMS/OpenOffice.org-help-cs-1.1.2-8.100mdk.i586.rpm
 e9c7967557e4aa63203475126c922470  
amd64/10.0/RPMS/OpenOffice.org-help-de-1.1.2-8.100mdk.i586.rpm
 91e537d10cc754b4b1c89fb4e48580d8  
amd64/10.0/RPMS/OpenOffice.org-help-en-1.1.2-8.100mdk.i586.rpm
 988366f3e410d001567ddefd2c855c8f  
amd64/10.0/RPMS/OpenOffice.org-help-es-1.1.2-8.100mdk.i586.rpm
 ecdb9c92c23f33c4548bd5f8e6d15e89  
amd64/10.0/RPMS/OpenOffice.org-help-eu-1.1.2-8.100mdk.i586.rpm
 34398abee71ee44bbd73f8999cc927fa  
amd64/10.0/RPMS/OpenOffice.org-help-fi-1.1.2-8.100mdk.i586.rpm
 7dfda7c433d14a852004de3233a649e8  
amd64/10.0/RPMS/OpenOffice.org-help-fr-1.1.2-8.100mdk.i586.rpm
 d95e356f7327acfe7db669ef86ad3145  
amd64/10.0/RPMS/OpenOffice.org-help-it-1.1.2-8.100mdk.i586.rpm
 e59ed8acd4a2e287545a59d87b330580  
amd64/10.0/RPMS/OpenOffice.org-help-ja-1.1.2-8.100mdk.i586.rpm
 b859c002405c021e32ff9bb43c0f6c6d  
amd64/10.0/RPMS/OpenOffice.org-help-ko-1.1.2-8.100mdk.i586.rpm
 1a31ed1c4fae0193cc55a70ae65f0045  
amd64/10.0/RPMS/OpenOffice.org-help-nl-1.1.2-8.100mdk.i586.rpm
 10118f1f329abbfcdc6d0123f07e7400  
amd64/10.0/RPMS/OpenOffice.org-help-ru-1.1.2-8.100mdk.i586.rpm
 8258eeb4b6db30fad630655197b841ef  
amd64/10.0/RPMS/OpenOffice.org-help-sk-1.1.2-8.100mdk.i586.rpm
 4b2f8b6890d6cce15416bd30e4e0286d  
amd64/10.0/RPMS/OpenOffice.org-help-sv-1.1.2-8.100mdk.i586.rpm
 dab28c6494f154cc65b669e1817be46f  
amd64/10.0/RPMS/OpenOffice.org-help-zh_CN-1.1.2-8.100mdk.i586.rpm
 50f2019f947e8ec8997667d4e63d20a1  
amd64/10.0/RPMS/OpenOffice.org-help-zh_TW-1.1.2-8.100mdk.i586.rpm
 6a6b435b956973b166128212b7d663d4  
amd64/10.0/RPMS/OpenOffice.org-l10n-ar-1.1.2-8.100mdk.i586.rpm
 ac19524d6f8a9672e3c60e324c081d64  
amd64/10.0/RPMS/OpenOffice.org-l10n-ca-1.1.2-8.100mdk.i586.rpm
 94ac592c89da0ce121b5de7e8de9e974  
amd64/10.0/RPMS/OpenOffice.org-l10n-cs-1.1.2-8.100mdk.i586.rpm
 2354116aebb06ae56f40eb306dccb7ea  
amd64/10.0/RPMS/OpenOffice.org-l10n-da-1.1.2-8.100mdk.i586.rpm
 cb268d3ab6be233d79c16b20903c33c6  
amd64/10.0/RPMS/OpenOffice.org-l10n-de-1.1.2-8.100mdk.i586.rpm
 bd12ab884f02324e42367dfb5271c688  
amd64/10.0/RPMS/OpenOffice.org-l10n-el-1.1.2-8.100mdk.i586.rpm
 314e3e1a45e2968ffbf7f1ec6a5487cd  
amd64/10.0/RPMS/OpenOffice.org-l10n-en-1.1.2-8.100mdk.i586.rpm
 2833ed7bd2f95f788e2dfeac729f2473  
amd64/10.0/RPMS/OpenOffice.org-l10n-es-1.1.2-8.100mdk.i586.rpm
 6c9e53a4daf5f1f872556f2e374b742c  
amd64/10.0/RPMS/OpenOffice.org-l10n-et-1.1.2-8.100mdk.i586.rpm
 d3c53b97c8d3a765c55599be649d5a30  
amd64/10.0/RPMS/OpenOffice.org-l10n-eu-1.1.2-8.100mdk.i586.rpm
 08705cc3571f13e0c115b5e6b0f10cdc  
amd64/10.0/RPMS/OpenOffice.org-l10n-fi-1.1.2-8.100mdk.i586.rpm
 95374fe47baf5807c0e523554c9a4a4d  
amd64/10.0/RPMS/OpenOffice.org-l10n-fr-1.1.2-8.100mdk.i586.rpm
 70b73f0f2c6e2f35933568be3b642f8c  
amd64/10.0/RPMS/OpenOffice.org-l10n-it-1.1.2-8.100mdk.i586.rpm
 83fdca6056dfd504917d491f4b8166c1  
amd64/10.0/RPMS/OpenOffice.org-l10n-ja-1.1.2-8.100mdk.i586.rpm
 2fb3b05070d2928f0ca2357adf1749d5  
amd64/10.0/RPMS/OpenOffice.org-l10n-ko-1.1.2-8.100mdk.i586.rpm
 ff994fed500ce3a68228ecb38d09b7e1  
amd64/10.0/RPMS/OpenOffice.org-l10n-nb-1.1.2-8.100mdk.i586.rpm
 cb0d8319d68c935c7a28e263bc4cd84f  
amd64/10.0/RPMS/OpenOffice.org-l10n-nl-1.1.2-8.100mdk.i586.rpm
 8d29108101a3d6f63e28f63cc3df3577  
amd64/10.0/RPMS/OpenOffice.org-l10n-nn-1.1.2-8.100mdk.i586.rpm
 2e1c5879febfd8507b0a9d973e6cc855  
amd64/10.0/RPMS/OpenOffice.org-l10n-pl-1.1.2-8.100mdk.i586.rpm
 097d9e64dbd3487d58efc724d0db958a  
amd64/10.0/RPMS/OpenOffice.org-l10n-pt-1.1.2-8.100mdk.i586.rpm
 69d94c008dfaf2993dc5106d44704b6e  
amd64/10.0/RPMS/OpenOffice.org-l10n-pt_BR-1.1.2-8.100mdk.i586.rpm
 a058aa946632b9578f24d2aa5d98c708  
amd64/10.0/RPMS/OpenOffice.org-l10n-ru-1.1.2-8.100mdk.i586.rpm
 8e541d03cec5d83e206845a3384b8aba  
amd64/10.0/RPMS/OpenOffice.org-l10n-sk-1.1.2-8.100mdk.i586.rpm
 a730904f48b2595ded3dbc52890c0f5b  
amd64/10.0/RPMS/OpenOffice.org-l10n-sv-1.1.2-8.100mdk.i586.rpm
 e1476628aa0e5d044e7ef5ae19105b4f  
amd64/10.0/RPMS/OpenOffice.org-l10n-tr-1.1.2-8.100mdk.i586.rpm
 91324079d5e05b18bf7a39b52dc4ddd1  
amd64/10.0/RPMS/OpenOffice.org-l10n-zh_CN-1.1.2-8.100mdk.i586.rpm
 e31bc4300a938e2aed4ab516b9e90cc8  
amd64/10.0/RPMS/OpenOffice.org-l10n-zh_TW-1.1.2-8.100mdk.i586.rpm
 d5c134900a302525f24b44d2d0edb2b2  
amd64/10.0/RPMS/OpenOffice.org-libs-1.1.2-8.100mdk.i586.rpm
 56fb619d14aae1230983490f93db8353  
amd64/10.0/SRPMS/OpenOffice.org-1.1.2-8.100mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBWQoumqjQ0CJFipgRAnlMAKChxOOrnZmlId15vUeNCljeQ7vIwgCg7Kyn
WNQKkDIyXhwT7rRImOU6ymY=
=32RL
-----END PGP SIGNATURE-----
Prev by Date: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
Next by Date: Re: New whitepaper "The Phishing Guide"
Previous by thread: Code execution in Icecast 2.0.1
Next by thread: Vignette Application Portal Unauthenticated Diagnostics
Index(es):
- Date
- Thread