Port openoffice 2.4.1-1ubuntu2.1 to dell-mini
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
The Dell Mini Project |
Fix Released
|
Undecided
|
Unassigned | ||
openoffice.org (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: openoffice.org
Openoffice in the dell-mini (8.04.1) is in version 2.4.1-1ubuntu2. This is affected by several vulnerabilities (see below), fixed in version 2.4.1-1ubuntu2.1 (stock hardy). This update should be applied to the dell-mini too.
openoffice.org (1:2.4.
* SECURITY UPDATE: heap-based buffer overflows which may lead to arbitrary
code execution when processing crafted WMF files
- patches/
wmf/
- http://
- CVE-2008-2237
* SECURITY UPDATE: heap-based buffer overflows which may lead to arbitrary
code execution when processing crafted EMF files
- patches/
wmf/
- http://
- CVE-2008-2238
* SECURITY UPDATE: symlink attack in senddoc which may lead to overwriting
arbitrary files
- debian/rules: remove leftover debugging echos in senddoc. Patch from
Debian
- http://
- http://
- CVE-2008-4937
Changed in openoffice.org: | |
status: | New → Invalid |
Changed in dell-mini: | |
status: | New → Invalid |
Changed in dell-mini: | |
status: | Confirmed → Fix Released |
Why has this bug being marked invalid? As far as I know the version in the mini is just as affected by those bugs as mainstream hardy.
It would be appreciated if when bugs are marked invalid an explanation would be given accordingly for the rest of the users here.