MDKSA-2004:103 - Updated OpenOffice.org packages fix temporary file vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: OpenOffice.org
Advisory ID: MDKSA-2004:103
Date: September 27th, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
A vulnerability in OpenOffice.org was reported by pmladek where a
local user may be able to obtain and read documents that belong to
another user. The way that OpenOffice.org created temporary files,
which used the user's umask to create the file, could potentially
allow for other users to have read access to the document (again,
dependant upon the user's umask).
The updated packages have been patched to prevent this problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
6dcdf713f9b86b9fb8c1d2a652aca05c
10.0/RPMS/OpenOffice.org-1.1.2-8.100mdk.i586.rpm
82586f5dd2c3b873442086174d17263b
10.0/RPMS/OpenOffice.org-help-cs-1.1.2-8.100mdk.i586.rpm
e9c7967557e4aa63203475126c922470
10.0/RPMS/OpenOffice.org-help-de-1.1.2-8.100mdk.i586.rpm
91e537d10cc754b4b1c89fb4e48580d8
10.0/RPMS/OpenOffice.org-help-en-1.1.2-8.100mdk.i586.rpm
988366f3e410d001567ddefd2c855c8f
10.0/RPMS/OpenOffice.org-help-es-1.1.2-8.100mdk.i586.rpm
ecdb9c92c23f33c4548bd5f8e6d15e89
10.0/RPMS/OpenOffice.org-help-eu-1.1.2-8.100mdk.i586.rpm
34398abee71ee44bbd73f8999cc927fa
10.0/RPMS/OpenOffice.org-help-fi-1.1.2-8.100mdk.i586.rpm
7dfda7c433d14a852004de3233a649e8
10.0/RPMS/OpenOffice.org-help-fr-1.1.2-8.100mdk.i586.rpm
d95e356f7327acfe7db669ef86ad3145
10.0/RPMS/OpenOffice.org-help-it-1.1.2-8.100mdk.i586.rpm
e59ed8acd4a2e287545a59d87b330580
10.0/RPMS/OpenOffice.org-help-ja-1.1.2-8.100mdk.i586.rpm
b859c002405c021e32ff9bb43c0f6c6d
10.0/RPMS/OpenOffice.org-help-ko-1.1.2-8.100mdk.i586.rpm
1a31ed1c4fae0193cc55a70ae65f0045
10.0/RPMS/OpenOffice.org-help-nl-1.1.2-8.100mdk.i586.rpm
10118f1f329abbfcdc6d0123f07e7400
10.0/RPMS/OpenOffice.org-help-ru-1.1.2-8.100mdk.i586.rpm
8258eeb4b6db30fad630655197b841ef
10.0/RPMS/OpenOffice.org-help-sk-1.1.2-8.100mdk.i586.rpm
4b2f8b6890d6cce15416bd30e4e0286d
10.0/RPMS/OpenOffice.org-help-sv-1.1.2-8.100mdk.i586.rpm
dab28c6494f154cc65b669e1817be46f
10.0/RPMS/OpenOffice.org-help-zh_CN-1.1.2-8.100mdk.i586.rpm
50f2019f947e8ec8997667d4e63d20a1
10.0/RPMS/OpenOffice.org-help-zh_TW-1.1.2-8.100mdk.i586.rpm
6a6b435b956973b166128212b7d663d4
10.0/RPMS/OpenOffice.org-l10n-ar-1.1.2-8.100mdk.i586.rpm
ac19524d6f8a9672e3c60e324c081d64
10.0/RPMS/OpenOffice.org-l10n-ca-1.1.2-8.100mdk.i586.rpm
94ac592c89da0ce121b5de7e8de9e974
10.0/RPMS/OpenOffice.org-l10n-cs-1.1.2-8.100mdk.i586.rpm
2354116aebb06ae56f40eb306dccb7ea
10.0/RPMS/OpenOffice.org-l10n-da-1.1.2-8.100mdk.i586.rpm
cb268d3ab6be233d79c16b20903c33c6
10.0/RPMS/OpenOffice.org-l10n-de-1.1.2-8.100mdk.i586.rpm
bd12ab884f02324e42367dfb5271c688
10.0/RPMS/OpenOffice.org-l10n-el-1.1.2-8.100mdk.i586.rpm
314e3e1a45e2968ffbf7f1ec6a5487cd
10.0/RPMS/OpenOffice.org-l10n-en-1.1.2-8.100mdk.i586.rpm
2833ed7bd2f95f788e2dfeac729f2473
10.0/RPMS/OpenOffice.org-l10n-es-1.1.2-8.100mdk.i586.rpm
6c9e53a4daf5f1f872556f2e374b742c
10.0/RPMS/OpenOffice.org-l10n-et-1.1.2-8.100mdk.i586.rpm
d3c53b97c8d3a765c55599be649d5a30
10.0/RPMS/OpenOffice.org-l10n-eu-1.1.2-8.100mdk.i586.rpm
08705cc3571f13e0c115b5e6b0f10cdc
10.0/RPMS/OpenOffice.org-l10n-fi-1.1.2-8.100mdk.i586.rpm
95374fe47baf5807c0e523554c9a4a4d
10.0/RPMS/OpenOffice.org-l10n-fr-1.1.2-8.100mdk.i586.rpm
70b73f0f2c6e2f35933568be3b642f8c
10.0/RPMS/OpenOffice.org-l10n-it-1.1.2-8.100mdk.i586.rpm
83fdca6056dfd504917d491f4b8166c1
10.0/RPMS/OpenOffice.org-l10n-ja-1.1.2-8.100mdk.i586.rpm
2fb3b05070d2928f0ca2357adf1749d5
10.0/RPMS/OpenOffice.org-l10n-ko-1.1.2-8.100mdk.i586.rpm
ff994fed500ce3a68228ecb38d09b7e1
10.0/RPMS/OpenOffice.org-l10n-nb-1.1.2-8.100mdk.i586.rpm
cb0d8319d68c935c7a28e263bc4cd84f
10.0/RPMS/OpenOffice.org-l10n-nl-1.1.2-8.100mdk.i586.rpm
8d29108101a3d6f63e28f63cc3df3577
10.0/RPMS/OpenOffice.org-l10n-nn-1.1.2-8.100mdk.i586.rpm
2e1c5879febfd8507b0a9d973e6cc855
10.0/RPMS/OpenOffice.org-l10n-pl-1.1.2-8.100mdk.i586.rpm
097d9e64dbd3487d58efc724d0db958a
10.0/RPMS/OpenOffice.org-l10n-pt-1.1.2-8.100mdk.i586.rpm
69d94c008dfaf2993dc5106d44704b6e
10.0/RPMS/OpenOffice.org-l10n-pt_BR-1.1.2-8.100mdk.i586.rpm
a058aa946632b9578f24d2aa5d98c708
10.0/RPMS/OpenOffice.org-l10n-ru-1.1.2-8.100mdk.i586.rpm
8e541d03cec5d83e206845a3384b8aba
10.0/RPMS/OpenOffice.org-l10n-sk-1.1.2-8.100mdk.i586.rpm
a730904f48b2595ded3dbc52890c0f5b
10.0/RPMS/OpenOffice.org-l10n-sv-1.1.2-8.100mdk.i586.rpm
e1476628aa0e5d044e7ef5ae19105b4f
10.0/RPMS/OpenOffice.org-l10n-tr-1.1.2-8.100mdk.i586.rpm
91324079d5e05b18bf7a39b52dc4ddd1
10.0/RPMS/OpenOffice.org-l10n-zh_CN-1.1.2-8.100mdk.i586.rpm
e31bc4300a938e2aed4ab516b9e90cc8
10.0/RPMS/OpenOffice.org-l10n-zh_TW-1.1.2-8.100mdk.i586.rpm
d5c134900a302525f24b44d2d0edb2b2
10.0/RPMS/OpenOffice.org-libs-1.1.2-8.100mdk.i586.rpm
56fb619d14aae1230983490f93db8353
10.0/SRPMS/OpenOffice.org-1.1.2-8.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
6dcdf713f9b86b9fb8c1d2a652aca05c
amd64/10.0/RPMS/OpenOffice.org-1.1.2-8.100mdk.i586.rpm
82586f5dd2c3b873442086174d17263b
amd64/10.0/RPMS/OpenOffice.org-help-cs-1.1.2-8.100mdk.i586.rpm
e9c7967557e4aa63203475126c922470
amd64/10.0/RPMS/OpenOffice.org-help-de-1.1.2-8.100mdk.i586.rpm
91e537d10cc754b4b1c89fb4e48580d8
amd64/10.0/RPMS/OpenOffice.org-help-en-1.1.2-8.100mdk.i586.rpm
988366f3e410d001567ddefd2c855c8f
amd64/10.0/RPMS/OpenOffice.org-help-es-1.1.2-8.100mdk.i586.rpm
ecdb9c92c23f33c4548bd5f8e6d15e89
amd64/10.0/RPMS/OpenOffice.org-help-eu-1.1.2-8.100mdk.i586.rpm
34398abee71ee44bbd73f8999cc927fa
amd64/10.0/RPMS/OpenOffice.org-help-fi-1.1.2-8.100mdk.i586.rpm
7dfda7c433d14a852004de3233a649e8
amd64/10.0/RPMS/OpenOffice.org-help-fr-1.1.2-8.100mdk.i586.rpm
d95e356f7327acfe7db669ef86ad3145
amd64/10.0/RPMS/OpenOffice.org-help-it-1.1.2-8.100mdk.i586.rpm
e59ed8acd4a2e287545a59d87b330580
amd64/10.0/RPMS/OpenOffice.org-help-ja-1.1.2-8.100mdk.i586.rpm
b859c002405c021e32ff9bb43c0f6c6d
amd64/10.0/RPMS/OpenOffice.org-help-ko-1.1.2-8.100mdk.i586.rpm
1a31ed1c4fae0193cc55a70ae65f0045
amd64/10.0/RPMS/OpenOffice.org-help-nl-1.1.2-8.100mdk.i586.rpm
10118f1f329abbfcdc6d0123f07e7400
amd64/10.0/RPMS/OpenOffice.org-help-ru-1.1.2-8.100mdk.i586.rpm
8258eeb4b6db30fad630655197b841ef
amd64/10.0/RPMS/OpenOffice.org-help-sk-1.1.2-8.100mdk.i586.rpm
4b2f8b6890d6cce15416bd30e4e0286d
amd64/10.0/RPMS/OpenOffice.org-help-sv-1.1.2-8.100mdk.i586.rpm
dab28c6494f154cc65b669e1817be46f
amd64/10.0/RPMS/OpenOffice.org-help-zh_CN-1.1.2-8.100mdk.i586.rpm
50f2019f947e8ec8997667d4e63d20a1
amd64/10.0/RPMS/OpenOffice.org-help-zh_TW-1.1.2-8.100mdk.i586.rpm
6a6b435b956973b166128212b7d663d4
amd64/10.0/RPMS/OpenOffice.org-l10n-ar-1.1.2-8.100mdk.i586.rpm
ac19524d6f8a9672e3c60e324c081d64
amd64/10.0/RPMS/OpenOffice.org-l10n-ca-1.1.2-8.100mdk.i586.rpm
94ac592c89da0ce121b5de7e8de9e974
amd64/10.0/RPMS/OpenOffice.org-l10n-cs-1.1.2-8.100mdk.i586.rpm
2354116aebb06ae56f40eb306dccb7ea
amd64/10.0/RPMS/OpenOffice.org-l10n-da-1.1.2-8.100mdk.i586.rpm
cb268d3ab6be233d79c16b20903c33c6
amd64/10.0/RPMS/OpenOffice.org-l10n-de-1.1.2-8.100mdk.i586.rpm
bd12ab884f02324e42367dfb5271c688
amd64/10.0/RPMS/OpenOffice.org-l10n-el-1.1.2-8.100mdk.i586.rpm
314e3e1a45e2968ffbf7f1ec6a5487cd
amd64/10.0/RPMS/OpenOffice.org-l10n-en-1.1.2-8.100mdk.i586.rpm
2833ed7bd2f95f788e2dfeac729f2473
amd64/10.0/RPMS/OpenOffice.org-l10n-es-1.1.2-8.100mdk.i586.rpm
6c9e53a4daf5f1f872556f2e374b742c
amd64/10.0/RPMS/OpenOffice.org-l10n-et-1.1.2-8.100mdk.i586.rpm
d3c53b97c8d3a765c55599be649d5a30
amd64/10.0/RPMS/OpenOffice.org-l10n-eu-1.1.2-8.100mdk.i586.rpm
08705cc3571f13e0c115b5e6b0f10cdc
amd64/10.0/RPMS/OpenOffice.org-l10n-fi-1.1.2-8.100mdk.i586.rpm
95374fe47baf5807c0e523554c9a4a4d
amd64/10.0/RPMS/OpenOffice.org-l10n-fr-1.1.2-8.100mdk.i586.rpm
70b73f0f2c6e2f35933568be3b642f8c
amd64/10.0/RPMS/OpenOffice.org-l10n-it-1.1.2-8.100mdk.i586.rpm
83fdca6056dfd504917d491f4b8166c1
amd64/10.0/RPMS/OpenOffice.org-l10n-ja-1.1.2-8.100mdk.i586.rpm
2fb3b05070d2928f0ca2357adf1749d5
amd64/10.0/RPMS/OpenOffice.org-l10n-ko-1.1.2-8.100mdk.i586.rpm
ff994fed500ce3a68228ecb38d09b7e1
amd64/10.0/RPMS/OpenOffice.org-l10n-nb-1.1.2-8.100mdk.i586.rpm
cb0d8319d68c935c7a28e263bc4cd84f
amd64/10.0/RPMS/OpenOffice.org-l10n-nl-1.1.2-8.100mdk.i586.rpm
8d29108101a3d6f63e28f63cc3df3577
amd64/10.0/RPMS/OpenOffice.org-l10n-nn-1.1.2-8.100mdk.i586.rpm
2e1c5879febfd8507b0a9d973e6cc855
amd64/10.0/RPMS/OpenOffice.org-l10n-pl-1.1.2-8.100mdk.i586.rpm
097d9e64dbd3487d58efc724d0db958a
amd64/10.0/RPMS/OpenOffice.org-l10n-pt-1.1.2-8.100mdk.i586.rpm
69d94c008dfaf2993dc5106d44704b6e
amd64/10.0/RPMS/OpenOffice.org-l10n-pt_BR-1.1.2-8.100mdk.i586.rpm
a058aa946632b9578f24d2aa5d98c708
amd64/10.0/RPMS/OpenOffice.org-l10n-ru-1.1.2-8.100mdk.i586.rpm
8e541d03cec5d83e206845a3384b8aba
amd64/10.0/RPMS/OpenOffice.org-l10n-sk-1.1.2-8.100mdk.i586.rpm
a730904f48b2595ded3dbc52890c0f5b
amd64/10.0/RPMS/OpenOffice.org-l10n-sv-1.1.2-8.100mdk.i586.rpm
e1476628aa0e5d044e7ef5ae19105b4f
amd64/10.0/RPMS/OpenOffice.org-l10n-tr-1.1.2-8.100mdk.i586.rpm
91324079d5e05b18bf7a39b52dc4ddd1
amd64/10.0/RPMS/OpenOffice.org-l10n-zh_CN-1.1.2-8.100mdk.i586.rpm
e31bc4300a938e2aed4ab516b9e90cc8
amd64/10.0/RPMS/OpenOffice.org-l10n-zh_TW-1.1.2-8.100mdk.i586.rpm
d5c134900a302525f24b44d2d0edb2b2
amd64/10.0/RPMS/OpenOffice.org-libs-1.1.2-8.100mdk.i586.rpm
56fb619d14aae1230983490f93db8353
amd64/10.0/SRPMS/OpenOffice.org-1.1.2-8.100mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBWQoumqjQ0CJFipgRAnlMAKChxOOrnZmlId15vUeNCljeQ7vIwgCg7Kyn
WNQKkDIyXhwT7rRImOU6ymY=
=32RL
-----END PGP SIGNATURE-----