MDKSA-2005:185 - Updated koffice packages fix KWord RTF import overflow vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: koffice
Advisory ID: MDKSA-2005:185
Date: October 14th, 2005
Affected versions: 10.2, 2006.0
______________________________________________________________________
Problem Description:
Chris Evans reported a heap based buffer overflow in the RTF importer
of KWord. An attacker could provide a specially crafted RTF file, which
when opened in KWord can cause execution of abitrary code.
The updated packages are patched to deal with these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2971
______________________________________________________________________
Updated Packages:
Mandrivalinux 10.2:
223e4790f52914f0cc5455af7fc6a2ac 10.2/RPMS/koffice-1.3.5-24.1.102mdk.i586.rpm
121b35e202ffbc72fe1d7f38569c2ed8
10.2/RPMS/koffice-karbon-1.3.5-24.1.102mdk.i586.rpm
50d7f534068fb2c6298f79d750a9f9e6
10.2/RPMS/koffice-kformula-1.3.5-24.1.102mdk.i586.rpm
f4f49dfd0fc1f10e9cf411e67f03935d
10.2/RPMS/koffice-kivio-1.3.5-24.1.102mdk.i586.rpm
5e8cc2c457581118a8903aede54e34dd
10.2/RPMS/koffice-koshell-1.3.5-24.1.102mdk.i586.rpm
5be355a3a69a3dbc3c5496679e50d769
10.2/RPMS/koffice-kpresenter-1.3.5-24.1.102mdk.i586.rpm
1dc7261ad3b75adb4e837c9043ed21d2
10.2/RPMS/koffice-kspread-1.3.5-24.1.102mdk.i586.rpm
7c921e582b081ef42a2674a702504f8c
10.2/RPMS/koffice-kugar-1.3.5-24.1.102mdk.i586.rpm
56b67aa98db4bd3950a169ac434715ef
10.2/RPMS/koffice-kword-1.3.5-24.1.102mdk.i586.rpm
cd9e775bdc2375834ae392ab95a4c9c8
10.2/RPMS/koffice-progs-1.3.5-24.1.102mdk.i586.rpm
fe55d1e21402323addf4a148f532a8d3
10.2/RPMS/libkoffice2-karbon-1.3.5-24.1.102mdk.i586.rpm
05028989e9b05fd85384b2a8f14845bf
10.2/RPMS/libkoffice2-kformula-1.3.5-24.1.102mdk.i586.rpm
51870740a76006e81b1579557779c45a
10.2/RPMS/libkoffice2-kivio-1.3.5-24.1.102mdk.i586.rpm
0a8f52f04e4d30193614f58961cc63a0
10.2/RPMS/libkoffice2-koshell-1.3.5-24.1.102mdk.i586.rpm
d293e5f31835b64baf437f4b2ee208ca
10.2/RPMS/libkoffice2-kpresenter-1.3.5-24.1.102mdk.i586.rpm
527cb289d397a005ed6c7940e8e43eb5
10.2/RPMS/libkoffice2-kspread-1.3.5-24.1.102mdk.i586.rpm
bf9662eaf4be252f6056f1921f0402b3
10.2/RPMS/libkoffice2-kspread-devel-1.3.5-24.1.102mdk.i586.rpm
ac38281778a94521d5cab5ad6ceb02b4
10.2/RPMS/libkoffice2-kugar-1.3.5-24.1.102mdk.i586.rpm
423bd6ff1616986410c765d3e0b9cc1b
10.2/RPMS/libkoffice2-kugar-devel-1.3.5-24.1.102mdk.i586.rpm
b11a61fb69042d39e009a56815416e21
10.2/RPMS/libkoffice2-kword-1.3.5-24.1.102mdk.i586.rpm
a05e950041fab68dd5776815a13b876e
10.2/RPMS/libkoffice2-kword-devel-1.3.5-24.1.102mdk.i586.rpm
fa2e36e7f5aeec6f3d3ebdddac4345b3
10.2/RPMS/libkoffice2-progs-1.3.5-24.1.102mdk.i586.rpm
497a9104efab7265062dc1072b1a6494
10.2/RPMS/libkoffice2-progs-devel-1.3.5-24.1.102mdk.i586.rpm
e788111a2311e0d6d8610f6299a5c6c5 10.2/SRPMS/koffice-1.3.5-24.1.102mdk.src.rpm
Mandrivalinux 10.2/X86_64:
5baee5d8e03ac236048f9dc9ee1cae1d
x86_64/10.2/RPMS/koffice-1.3.5-24.1.102mdk.x86_64.rpm
a4f07638fe92aaa6f63023eb37d4ac4f
x86_64/10.2/RPMS/koffice-karbon-1.3.5-24.1.102mdk.x86_64.rpm
e20913a9fa595a854b59bc471446610f
x86_64/10.2/RPMS/koffice-kformula-1.3.5-24.1.102mdk.x86_64.rpm
5bf36b1187c2763fce460b2f4561e387
x86_64/10.2/RPMS/koffice-kivio-1.3.5-24.1.102mdk.x86_64.rpm
cf91c8560c3d9c71eee46d2274837cb8
x86_64/10.2/RPMS/koffice-koshell-1.3.5-24.1.102mdk.x86_64.rpm
8e6d654638cb495cdf931b4111a2a3b8
x86_64/10.2/RPMS/koffice-kpresenter-1.3.5-24.1.102mdk.x86_64.rpm
1cd80d061edbd873494ccb9c31e40230
x86_64/10.2/RPMS/koffice-kspread-1.3.5-24.1.102mdk.x86_64.rpm
f69f673dc437b7bca22c156cd48faa72
x86_64/10.2/RPMS/koffice-kugar-1.3.5-24.1.102mdk.x86_64.rpm
68b9e1f606cdba52f9c86266ae91592c
x86_64/10.2/RPMS/koffice-kword-1.3.5-24.1.102mdk.x86_64.rpm
a83de88ba42e1e877ed0f174a07aaf5b
x86_64/10.2/RPMS/koffice-progs-1.3.5-24.1.102mdk.x86_64.rpm
918d36fae713447e2c2b24e765430874
x86_64/10.2/RPMS/lib64koffice2-karbon-1.3.5-24.1.102mdk.x86_64.rpm
93941be1c0a88b65667de2908bc802dc
x86_64/10.2/RPMS/lib64koffice2-kformula-1.3.5-24.1.102mdk.x86_64.rpm
6b927db2d487e511501cfcfb7404a054
x86_64/10.2/RPMS/lib64koffice2-kivio-1.3.5-24.1.102mdk.x86_64.rpm
d68a8723d5c2383b3cb6d6adbb291a90
x86_64/10.2/RPMS/lib64koffice2-koshell-1.3.5-24.1.102mdk.x86_64.rpm
e4ad1b293524afd4166297fa8c67655e
x86_64/10.2/RPMS/lib64koffice2-kpresenter-1.3.5-24.1.102mdk.x86_64.rpm
8dd80fc8e9f7a72547b39f71252891ce
x86_64/10.2/RPMS/lib64koffice2-kspread-1.3.5-24.1.102mdk.x86_64.rpm
5b48cacbf33c325ab97289c94ce83ff1
x86_64/10.2/RPMS/lib64koffice2-kspread-devel-1.3.5-24.1.102mdk.x86_64.rpm
02a6efb474d834b18fa0fc97061be2d0
x86_64/10.2/RPMS/lib64koffice2-kugar-1.3.5-24.1.102mdk.x86_64.rpm
d7736cbc51b2349fc53b6a7e680fa028
x86_64/10.2/RPMS/lib64koffice2-kugar-devel-1.3.5-24.1.102mdk.x86_64.rpm
7d603fb5454ef7da97074897802d8b1d
x86_64/10.2/RPMS/lib64koffice2-kword-1.3.5-24.1.102mdk.x86_64.rpm
a88986c2cb93c9871a28b7a80d5862a5
x86_64/10.2/RPMS/lib64koffice2-kword-devel-1.3.5-24.1.102mdk.x86_64.rpm
4bbcbf52172e3d376cc6a762e4b539dc
x86_64/10.2/RPMS/lib64koffice2-progs-1.3.5-24.1.102mdk.x86_64.rpm
0f50e2a554eb09f08fe5b8fe393c84b0
x86_64/10.2/RPMS/lib64koffice2-progs-devel-1.3.5-24.1.102mdk.x86_64.rpm
e788111a2311e0d6d8610f6299a5c6c5
x86_64/10.2/SRPMS/koffice-1.3.5-24.1.102mdk.src.rpm
Mandrivalinux 2006.0:
a6adc7c1d0f0d3344da723fe1800cd40
2006.0/RPMS/koffice-1.4.1-12.1.20060mdk.i586.rpm
66727f9cc83c1942792897d14ce3cc0b
2006.0/RPMS/koffice-karbon-1.4.1-12.1.20060mdk.i586.rpm
3dc838f82060a8744cf36930ee6c3b70
2006.0/RPMS/koffice-kexi-1.4.1-12.1.20060mdk.i586.rpm
03e27871e30493c058c59d55b87c1624
2006.0/RPMS/koffice-kformula-1.4.1-12.1.20060mdk.i586.rpm
344ae8075c600ed88158270ebedf90de
2006.0/RPMS/koffice-kivio-1.4.1-12.1.20060mdk.i586.rpm
d0208c8db4b5c8c4bffbc809e1a3a35d
2006.0/RPMS/koffice-koshell-1.4.1-12.1.20060mdk.i586.rpm
a78c7411b433b4c09698f945ab022f63
2006.0/RPMS/koffice-kpresenter-1.4.1-12.1.20060mdk.i586.rpm
68d6e3e63e457a4f67c4b80f4ea523ca
2006.0/RPMS/koffice-krita-1.4.1-12.1.20060mdk.i586.rpm
0b0171638e0a35c1a7333a3add72ceb4
2006.0/RPMS/koffice-kspread-1.4.1-12.1.20060mdk.i586.rpm
25134234b10519d65436892831a9732c
2006.0/RPMS/koffice-kugar-1.4.1-12.1.20060mdk.i586.rpm
1f5955cc745d3a2e7460f29348450589
2006.0/RPMS/koffice-kword-1.4.1-12.1.20060mdk.i586.rpm
4f912465aedffbbc26771dd27635c30b
2006.0/RPMS/koffice-progs-1.4.1-12.1.20060mdk.i586.rpm
22115fd5d2de0a12dc4a0aec0bdb9ccf
2006.0/RPMS/libkoffice2-karbon-1.4.1-12.1.20060mdk.i586.rpm
5e0a1aa755b598e31d95fd67f0cf4e83
2006.0/RPMS/libkoffice2-karbon-devel-1.4.1-12.1.20060mdk.i586.rpm
0b8fd754a106f71234242099890ab116
2006.0/RPMS/libkoffice2-kexi-1.4.1-12.1.20060mdk.i586.rpm
585c2cdef7d1e7fc558c2c042f520799
2006.0/RPMS/libkoffice2-kexi-devel-1.4.1-12.1.20060mdk.i586.rpm
c1b5b624767bf75d30207e6f678f90fd
2006.0/RPMS/libkoffice2-kformula-1.4.1-12.1.20060mdk.i586.rpm
653e35fdc3a3b92829a9036284f1b47b
2006.0/RPMS/libkoffice2-kformula-devel-1.4.1-12.1.20060mdk.i586.rpm
e3ad0ace4da1773eb7fe2aa8edd06ac3
2006.0/RPMS/libkoffice2-kivio-1.4.1-12.1.20060mdk.i586.rpm
ce8f249f98e537e3c1fbd0e53f01e925
2006.0/RPMS/libkoffice2-kivio-devel-1.4.1-12.1.20060mdk.i586.rpm
dc305d5eaac533eff0e1fb6659f71922
2006.0/RPMS/libkoffice2-koshell-1.4.1-12.1.20060mdk.i586.rpm
2cbe3f3fc08ccfe4a1823da86d1e2ef3
2006.0/RPMS/libkoffice2-kpresenter-1.4.1-12.1.20060mdk.i586.rpm
83770ce0d38d47f290bc82c60f3a3144
2006.0/RPMS/libkoffice2-krita-1.4.1-12.1.20060mdk.i586.rpm
9a3ab0a5bb4e1f26de66ccc66453c60d
2006.0/RPMS/libkoffice2-krita-devel-1.4.1-12.1.20060mdk.i586.rpm
284c0efc3c44c07e63496c8094f39b86
2006.0/RPMS/libkoffice2-kspread-1.4.1-12.1.20060mdk.i586.rpm
a7cdc2f94616a09580dddc55341bdf22
2006.0/RPMS/libkoffice2-kspread-devel-1.4.1-12.1.20060mdk.i586.rpm
ecc5355d212b8690e7b2545df729ac34
2006.0/RPMS/libkoffice2-kugar-1.4.1-12.1.20060mdk.i586.rpm
00921bad62d2d1d4c3fa4fb9c51b0fa0
2006.0/RPMS/libkoffice2-kugar-devel-1.4.1-12.1.20060mdk.i586.rpm
3c91e509b777d488c02af0508c0a9486
2006.0/RPMS/libkoffice2-kword-1.4.1-12.1.20060mdk.i586.rpm
d5ffcdf3dae152d0fc27c123ad9a5f73
2006.0/RPMS/libkoffice2-kword-devel-1.4.1-12.1.20060mdk.i586.rpm
1bf09822ee344a07113443e634809f93
2006.0/RPMS/libkoffice2-progs-1.4.1-12.1.20060mdk.i586.rpm
bc3ae2f9dddd553b3fdc39a4eb36f330
2006.0/RPMS/libkoffice2-progs-devel-1.4.1-12.1.20060mdk.i586.rpm
7dd1caa2baf31df5cb439de74b15a28e
2006.0/SRPMS/koffice-1.4.1-12.1.20060mdk.src.rpm
Mandrivalinux 2006.0/X86_64:
db74bf2f133367454ae55cd74996a698
x86_64/2006.0/RPMS/koffice-1.4.1-12.1.20060mdk.x86_64.rpm
e3c073ce12af691c61230d1a6b01edda
x86_64/2006.0/RPMS/koffice-karbon-1.4.1-12.1.20060mdk.x86_64.rpm
963d82b04f1d139becfae9d53b6aebb1
x86_64/2006.0/RPMS/koffice-kexi-1.4.1-12.1.20060mdk.x86_64.rpm
218aa2684a5decfca72ff81557e095f8
x86_64/2006.0/RPMS/koffice-kformula-1.4.1-12.1.20060mdk.x86_64.rpm
f47c698f2846ae9e0ea58e8593b392a4
x86_64/2006.0/RPMS/koffice-kivio-1.4.1-12.1.20060mdk.x86_64.rpm
0a5fe8c2ac495d5312d9ddea51c7e738
x86_64/2006.0/RPMS/koffice-koshell-1.4.1-12.1.20060mdk.x86_64.rpm
d0f3fe6d0ff9ba0d1a0d6e47600af266
x86_64/2006.0/RPMS/koffice-kpresenter-1.4.1-12.1.20060mdk.x86_64.rpm
6dd1c14e5b7c3b1d8a51d0866d40b0e0
x86_64/2006.0/RPMS/koffice-krita-1.4.1-12.1.20060mdk.x86_64.rpm
4484b0656be72570a065063e1464553e
x86_64/2006.0/RPMS/koffice-kspread-1.4.1-12.1.20060mdk.x86_64.rpm
0504db4193723ae164aab6b5fa9842e0
x86_64/2006.0/RPMS/koffice-kugar-1.4.1-12.1.20060mdk.x86_64.rpm
086e2aabda477597a3a6a6438423a8fb
x86_64/2006.0/RPMS/koffice-kword-1.4.1-12.1.20060mdk.x86_64.rpm
cd74780d1af1cf4b2303723d87c58c84
x86_64/2006.0/RPMS/koffice-progs-1.4.1-12.1.20060mdk.x86_64.rpm
717cdd1b1c25bdc1f44d3fd429c93a9d
x86_64/2006.0/RPMS/lib64koffice2-karbon-1.4.1-12.1.20060mdk.x86_64.rpm
c9bbd4568ea4977d5617cd3e619c64e8
x86_64/2006.0/RPMS/lib64koffice2-karbon-devel-1.4.1-12.1.20060mdk.x86_64.rpm
95b2a9d1450b7ba1d9deafa17f749286
x86_64/2006.0/RPMS/lib64koffice2-kexi-1.4.1-12.1.20060mdk.x86_64.rpm
a74788f6baa147d8d5ca3405fe9a9ad1
x86_64/2006.0/RPMS/lib64koffice2-kexi-devel-1.4.1-12.1.20060mdk.x86_64.rpm
772f6a8cbd689338ab7de587a47e3cf2
x86_64/2006.0/RPMS/lib64koffice2-kformula-1.4.1-12.1.20060mdk.x86_64.rpm
1eb4e230bd7a58d8fe818afad7734966
x86_64/2006.0/RPMS/lib64koffice2-kformula-devel-1.4.1-12.1.20060mdk.x86_64.rpm
734d78f80525f5486e4935554eddfe54
x86_64/2006.0/RPMS/lib64koffice2-kivio-1.4.1-12.1.20060mdk.x86_64.rpm
5d0db7383f091405fecee6f1c464641b
x86_64/2006.0/RPMS/lib64koffice2-kivio-devel-1.4.1-12.1.20060mdk.x86_64.rpm
0cff0b61127119f4d8b3bc5f66629d71
x86_64/2006.0/RPMS/lib64koffice2-koshell-1.4.1-12.1.20060mdk.x86_64.rpm
a5d85f5d610fa8406870fd07dfdeb2b4
x86_64/2006.0/RPMS/lib64koffice2-kpresenter-1.4.1-12.1.20060mdk.x86_64.rpm
d61cf7db80d6057b166fdd20f883b6ff
x86_64/2006.0/RPMS/lib64koffice2-krita-1.4.1-12.1.20060mdk.x86_64.rpm
9ac9ac30946f68c8cec7bb5a89c813a5
x86_64/2006.0/RPMS/lib64koffice2-krita-devel-1.4.1-12.1.20060mdk.x86_64.rpm
00598e66cc402e571b808584a4d8c336
x86_64/2006.0/RPMS/lib64koffice2-kspread-1.4.1-12.1.20060mdk.x86_64.rpm
4ceb67f1c28b9ddf67ee8c71ec440892
x86_64/2006.0/RPMS/lib64koffice2-kspread-devel-1.4.1-12.1.20060mdk.x86_64.rpm
cd209d72006ebb9bf73b8b0720f6dec5
x86_64/2006.0/RPMS/lib64koffice2-kugar-1.4.1-12.1.20060mdk.x86_64.rpm
6dafddcacf4c22e7bdd923ea9e539dcf
x86_64/2006.0/RPMS/lib64koffice2-kugar-devel-1.4.1-12.1.20060mdk.x86_64.rpm
a528f1fdf4b4e58509fbe66466120a47
x86_64/2006.0/RPMS/lib64koffice2-kword-1.4.1-12.1.20060mdk.x86_64.rpm
7903be8ff2a65a3e2934f1aa08a974d3
x86_64/2006.0/RPMS/lib64koffice2-kword-devel-1.4.1-12.1.20060mdk.x86_64.rpm
ac688ea6ab8372432714409c2f8da424
x86_64/2006.0/RPMS/lib64koffice2-progs-1.4.1-12.1.20060mdk.x86_64.rpm
86c737e2fba85d3dcd4aab2bc769578c
x86_64/2006.0/RPMS/lib64koffice2-progs-devel-1.4.1-12.1.20060mdk.x86_64.rpm
7dd1caa2baf31df5cb439de74b15a28e
x86_64/2006.0/SRPMS/koffice-1.4.1-12.1.20060mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFDUCK3mqjQ0CJFipgRAnxkAJ9Sgfj4tI1dDGVSev8ePwLStDm/6wCgu07o
R0nwfpsi6L3cday2Z/pKShU=
=JQQS
-----END PGP SIGNATURE-----