Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites
On Thursday 04 January 2007 21:00, David Litchfield wrote:
> Hi Florian,
>
> >* NGSSoftware Insight Security Research:
> >> The vulnerabilities, three heap overflows, affect OpenOffice 2.1.0 and
> >>
> >> http://download.openoffice.org/2.1.0/index.html
> >
> > As far as I can tell, there is no version newer than 2.1.0 available
> > at the web site. According to uncorroborated, version 2.1.0 is not
> > affected.
> >
> > Would anyone please clarify the situation? Thanks.
>
> It's version's prior to 2.1.0. Thanks for pointing this out. I'll send a
> follow up note.
> Cheers,
> David Litchfield
>
According to Marcus Meissner from SuSE security, opensuse 10.2 contains an OOo
2.0.4 with the security fix backported from 2.1.
Just to add to the fun.
Cheers
Pete