Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2011:172 (libreoffice)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72069

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2011:172 (libreoffice)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to libreoffice
announced via advisory MDVSA-2011:172.

Multiple vulnerabilies has been discovered and corrected in
libreoffice:

Stack-based buffer overflow in the Lotus Word Pro import filter in
LibreOffice before 3.3.3 allows remote attackers to execute arbitrary
code via a crafted .lwp file (CVE-2011-2685).

oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows
user-assisted remote attackers to cause a denial of service (crash)
via a crafted DOC file that triggers an out-of-bounds read in the
DOC sprm parser (CVE-2011-2713).

This update brings a new LibreOffice version 3.4.3 release linked
against stdc++ and gcc_s standard libraries available in the Mandriva
2011 and solves installing conflicts with libstdc++ (#64224).

The package clipart-openclipart was dropped from the main
repository in the Mandriva 2011. However it is not required
having clipart-openclipart installed in order to install
libreoffice-openclipart as the LibreOffice still provides some cliparts
directly in that package (#63634).

This update fixes some OpenOffice.org leftovers in some packages
description replacing that by LibreOffice (#64658).

This update brings new LibreOffice l10n locale packages: Assanese as,
Bengali bn, Dzongkha dz, Farsi fa, Irish ga, Galician gl, Gujarati
gu, Croatian hr, Kannada kn, Lithuanian lt, Latvian lv, Maithili mai,
Malayalam ml, Marathi mr, Ndebele nr, Northern Shoto nso, Oriya or,
Punjabi pa_IN, Romanian ro, Secwepemctsin sh, Sinhalese si, Serbian
sr, Swati ss, Shoto st, Telugu te, Thai th, Tswana tn, Tsonga ts,
Ukrainian uk, Venda ve and Xhosa xh. Help packages are also provided
for: bn, dz, gl, gu, hr, si and uk.

Additionally the gaupol packages are being provided to solve a build
dependcy of some of the supporting tools already added into 2011.

The updated packages have been upgraded to LibreOffice version 3.4.3
where these isssues has been resolved.

Affected: 2011.

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2011:172

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-2685
CERT/CC vulnerability note: VU#953183
http://www.kb.cert.org/vuls/id/953183
http://www.mandriva.com/security/advisories?name=MDVSA-2011:172
http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d
http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877
http://www.openwall.com/lists/oss-security/2011/07/06/13
http://www.openwall.com/lists/oss-security/2011/07/12/13
SuSE Security Announcement: openSUSE-SU-2011:1143 (Google Search)
http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html
Common Vulnerability Exposure (CVE) ID: CVE-2011-2713
1026145
http://www.securitytracker.com/id?1026145
49969
http://www.securityfocus.com/bid/49969
50692
http://secunia.com/advisories/50692
60799
http://secunia.com/advisories/60799
76178
http://osvdb.org/76178
DSA-2315
http://www.debian.org/security/2011/dsa-2315
FEDORA-2011-14036
http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html
FEDORA-2011-14049
http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html
GLSA-201209-05
http://security.gentoo.org/glsa/glsa-201209-05.xml
GLSA-201408-19
http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml
MDVSA-2011:172
http://www.libreoffice.org/advisories/CVE-2011-2713/
https://bugzilla.redhat.com/show_bug.cgi?id=725668
openSUSE-SU-2011:1143

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72069
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2011:172 (libreoffice)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to libreoffice announced via advisory MDVSA-2011:172. Multiple vulnerabilies has been discovered and corrected in libreoffice: Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file (CVE-2011-2685). oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser (CVE-2011-2713). This update brings a new LibreOffice version 3.4.3 release linked against stdc++ and gcc_s standard libraries available in the Mandriva 2011 and solves installing conflicts with libstdc++ (#64224). The package clipart-openclipart was dropped from the main repository in the Mandriva 2011. However it is not required having clipart-openclipart installed in order to install libreoffice-openclipart as the LibreOffice still provides some cliparts directly in that package (#63634). This update fixes some OpenOffice.org leftovers in some packages description replacing that by LibreOffice (#64658). This update brings new LibreOffice l10n locale packages: Assanese as, Bengali bn, Dzongkha dz, Farsi fa, Irish ga, Galician gl, Gujarati gu, Croatian hr, Kannada kn, Lithuanian lt, Latvian lv, Maithili mai, Malayalam ml, Marathi mr, Ndebele nr, Northern Shoto nso, Oriya or, Punjabi pa_IN, Romanian ro, Secwepemctsin sh, Sinhalese si, Serbian sr, Swati ss, Shoto st, Telugu te, Thai th, Tswana tn, Tsonga ts, Ukrainian uk, Venda ve and Xhosa xh. Help packages are also provided for: bn, dz, gl, gu, hr, si and uk. Additionally the gaupol packages are being provided to solve a build dependcy of some of the supporting tools already added into 2011. The updated packages have been upgraded to LibreOffice version 3.4.3 where these isssues has been resolved. Affected: 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2011:172 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2685 CERT/CC vulnerability note: VU#953183 http://www.kb.cert.org/vuls/id/953183 http://www.mandriva.com/security/advisories?name=MDVSA-2011:172 http://cgit.freedesktop.org/libreoffice/filters/commit/?id=278831e37a23e9e2e29ca811c3a5398b7c67464d http://cgit.freedesktop.org/libreoffice/filters/commit/?id=d93fa011d713100775cd3ac88c468b6830d48877 http://www.openwall.com/lists/oss-security/2011/07/06/13 http://www.openwall.com/lists/oss-security/2011/07/12/13 SuSE Security Announcement: openSUSE-SU-2011:1143 (Google Search) http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html Common Vulnerability Exposure (CVE) ID: CVE-2011-2713 1026145 http://www.securitytracker.com/id?1026145 49969 http://www.securityfocus.com/bid/49969 50692 http://secunia.com/advisories/50692 60799 http://secunia.com/advisories/60799 76178 http://osvdb.org/76178 DSA-2315 http://www.debian.org/security/2011/dsa-2315 FEDORA-2011-14036 http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068160.html FEDORA-2011-14049 http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068198.html GLSA-201209-05 http://security.gentoo.org/glsa/glsa-201209-05.xml GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2011:172 http://www.libreoffice.org/advisories/CVE-2011-2713/ https://bugzilla.redhat.com/show_bug.cgi?id=725668 openSUSE-SU-2011:1143
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com