[Security Announce] [ MDKSA-2006:222 ] - Updated koffice packages fixes integer overflow vulnerability
Posted on: 12/01/2006 10:30 PM

The Mandriva Security Team published a new security update for Mandriva Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:222
http://www.mandriva.com/security/
_______________________________________________________________________

Package : koffice
Date : December 1, 2006
Affected: 2007.0
_______________________________________________________________________

Problem Description:

An integer overflow was discovered in KOffice's filtering code. By
tricking a user into opening a specially crafted PPT file, attackers
could crash KOffice or possibly execute arbitrary code with the user's
privileges.

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6120
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
97ad85cf8411c6ff5de87a62aab94a35 2007.0/i586/koffice-1.5.91-3.2mdv2007.0.i586.rpm
db50d5559832bbb2dbb2c411184d134f 2007.0/i586/koffice-karbon-1.5.91-3.2mdv2007.0.i586.rpm
7c748642ea280486ccc9ad1164924ec6 2007.0/i586/koffice-kexi-1.5.91-3.2mdv2007.0.i586.rpm
6c5a63dc9354f8b1215adc7512c08685 2007.0/i586/koffice-kformula-1.5.91-3.2mdv2007.0.i586.rpm
78f0e4824c86b6c3f43c4d1e9a5b792a 2007.0/i586/koffice-kivio-1.5.91-3.2mdv2007.0.i586.rpm
8c9a702ef82928900043eef81702df35 2007.0/i586/koffice-koshell-1.5.91-3.2mdv2007.0.i586.rpm
20556ba10c0a5e67da7577077df62312 2007.0/i586/koffice-kplato-1.5.91-3.2mdv2007.0.i586.rpm
b3319fcc35d5a7d370698196ec75ff92 2007.0/i586/koffice-kpresenter-1.5.91-3.2mdv2007.0.i586.rpm
be36984a365fc1e4fbc7b28b931b1bf3 2007.0/i586/koffice-krita-1.5.91-3.2mdv2007.0.i586.rpm
5af60bc6e42cd6489ad018dba76b06a2 2007.0/i586/koffice-kspread-1.5.91-3.2mdv2007.0.i586.rpm
24d4813bee6f2b5814972554d1e6d5ca 2007.0/i586/koffice-kugar-1.5.91-3.2mdv2007.0.i586.rpm
6fae99addb4c1093aa04de1c0e59c97e 2007.0/i586/koffice-kword-1.5.91-3.2mdv2007.0.i586.rpm
7ae26f275efedce5d44d79f392f0bb58 2007.0/i586/koffice-progs-1.5.91-3.2mdv2007.0.i586.rpm
3483943311cd9d80368fe3d08f58c371 2007.0/i586/libkoffice2-karbon-1.5.91-3.2mdv2007.0.i586.rpm
597101df425c25e7dd98c9fe9bf17e07 2007.0/i586/libkoffice2-karbon-devel-1.5.91-3.2mdv2007.0.i586.rpm
57e233c194e554e8704d4c32b788a76c 2007.0/i586/libkoffice2-kexi-1.5.91-3.2mdv2007.0.i586.rpm
2c4c98f62b419e63c0ef65979321deda 2007.0/i586/libkoffice2-kexi-devel-1.5.91-3.2mdv2007.0.i586.rpm
a71985bc483afedf378415adce427a06 2007.0/i586/libkoffice2-kformula-1.5.91-3.2mdv2007.0.i586.rpm
994e26bb97eac10fdd2e09cca64b87a9 2007.0/i586/libkoffice2-kformula-devel-1.5.91-3.2mdv2007.0.i586.rpm
4c41e347712800078a820306a98a26c8 2007.0/i586/libkoffice2-kivio-1.5.91-3.2mdv2007.0.i586.rpm
000ae5e267e281e764b95dccb9c4b84e 2007.0/i586/libkoffice2-kivio-devel-1.5.91-3.2mdv2007.0.i586.rpm
f23734cbd98541eecdeb258c0732fc1a 2007.0/i586/libkoffice2-koshell-1.5.91-3.2mdv2007.0.i586.rpm
dc638d9155717c2c4091b9da2e55144c 2007.0/i586/libkoffice2-kplato-1.5.91-3.2mdv2007.0.i586.rpm
f6d05ae189da6de29cc0c69afab5027b 2007.0/i586/libkoffice2-kpresenter-1.5.91-3.2mdv2007.0.i586.rpm
87d31c59a56729a2f4e9bddc36ea8c32 2007.0/i586/libkoffice2-kpresenter-devel-1.5.91-3.2mdv2007.0.i586.rpm
2fd250793b43f2bb2255d97859f886d2 2007.0/i586/libkoffice2-krita-1.5.91-3.2mdv2007.0.i586.rpm
6c383e3918558aded1e61ddfdadb7273 2007.0/i586/libkoffice2-krita-devel-1.5.91-3.2mdv2007.0.i586.rpm
51ed465cb0c6ee89975aec7f1262ab66 2007.0/i586/libkoffice2-kspread-1.5.91-3.2mdv2007.0.i586.rpm
0663f72f3a1bdce3672899a469d6972b 2007.0/i586/libkoffice2-kspread-devel-1.5.91-3.2mdv2007.0.i586.rpm
04dce49f0d17bdd14716d53ea8e1da0f 2007.0/i586/libkoffice2-kugar-1.5.91-3.2mdv2007.0.i586.rpm
70816b062ed237a79478e3c248922cdd 2007.0/i586/libkoffice2-kugar-devel-1.5.91-3.2mdv2007.0.i586.rpm
a8e1d9c67a02b6910defc0e09b4716f7 2007.0/i586/libkoffice2-kword-1.5.91-3.2mdv2007.0.i586.rpm
dd88904044b5103407fda7c1a2e53fde 2007.0/i586/libkoffice2-kword-devel-1.5.91-3.2mdv2007.0.i586.rpm
8619b90e23e355b545230c6a9fbf5cd2 2007.0/i586/libkoffice2-progs-1.5.91-3.2mdv2007.0.i586.rpm
8c4e1ccdfe2b69d66739aa04c09b4eae 2007.0/i586/libkoffice2-progs-devel-1.5.91-3.2mdv2007.0.i586.rpm
18f79118122cdc73e54dfec4d9365091 2007.0/SRPMS/koffice-1.5.91-3.2mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
0d4734623788de46f16fb9866362fb60 2007.0/x86_64/koffice-1.5.91-3.2mdv2007.0.x86_64.rpm
6e9294e503e496542c867c9f62298731 2007.0/x86_64/koffice-karbon-1.5.91-3.2mdv2007.0.x86_64.rpm
65907aa84ed619962aa87599ea5c922c 2007.0/x86_64/koffice-kexi-1.5.91-3.2mdv2007.0.x86_64.rpm
db489203dc559d631df6cfc7fafe93cd 2007.0/x86_64/koffice-kformula-1.5.91-3.2mdv2007.0.x86_64.rpm
1500fb9ee551eaee484254cb2424e57a 2007.0/x86_64/koffice-kivio-1.5.91-3.2mdv2007.0.x86_64.rpm
9555a5d61aa1132196ab53474d86e3b5 2007.0/x86_64/koffice-koshell-1.5.91-3.2mdv2007.0.x86_64.rpm
b2315a4e783d8482d56ee0723e5a9b0e 2007.0/x86_64/koffice-kplato-1.5.91-3.2mdv2007.0.x86_64.rpm
c742e5bbef3f868d538cfd65ee581623 2007.0/x86_64/koffice-kpresenter-1.5.91-3.2mdv2007.0.x86_64.rpm
9bb89a8140594af37cb5533039f8b8b1 2007.0/x86_64/koffice-krita-1.5.91-3.2mdv2007.0.x86_64.rpm
20702a2f45aa65bf5fd71034c379d877 2007.0/x86_64/koffice-kspread-1.5.91-3.2mdv2007.0.x86_64.rpm
ba4d9249380cb17d86f1cc20b15a6da0 2007.0/x86_64/koffice-kugar-1.5.91-3.2mdv2007.0.x86_64.rpm
96a772d36130780a92a0d14a51b82173 2007.0/x86_64/koffice-kword-1.5.91-3.2mdv2007.0.x86_64.rpm
3ef642a955a0de9f4440a9b7f5ed112d 2007.0/x86_64/koffice-progs-1.5.91-3.2mdv2007.0.x86_64.rpm
90aefb67aefcc6c70e3f0acafdf2d20a 2007.0/x86_64/lib64koffice2-karbon-1.5.91-3.2mdv2007.0.x86_64.rpm
d99922c80f817fe39778f6711cc48a24 2007.0/x86_64/lib64koffice2-karbon-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
d1ce54c1da5baf6e5d78f6dbb9df2e88 2007.0/x86_64/lib64koffice2-kexi-1.5.91-3.2mdv2007.0.x86_64.rpm
5b5ab70a073c52d1866f8f0504d696d8 2007.0/x86_64/lib64koffice2-kexi-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
b27623062be6e6c56afab8d64215eda4 2007.0/x86_64/lib64koffice2-kformula-1.5.91-3.2mdv2007.0.x86_64.rpm
c9d45dfb4c71793c6a04772da52a4c27 2007.0/x86_64/lib64koffice2-kformula-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
c541021dfc624c5b01a2994d3e62354b 2007.0/x86_64/lib64koffice2-kivio-1.5.91-3.2mdv2007.0.x86_64.rpm
78fbf699ce7bd245f7ffcce694488bd8 2007.0/x86_64/lib64koffice2-kivio-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
bc14a92c9079f26509110d8dcfef4234 2007.0/x86_64/lib64koffice2-koshell-1.5.91-3.2mdv2007.0.x86_64.rpm
04df83ce95051488ba0165e02a647438 2007.0/x86_64/lib64koffice2-kplato-1.5.91-3.2mdv2007.0.x86_64.rpm
8bcc5137ccf41bba147986de8d8b95e4 2007.0/x86_64/lib64koffice2-kpresenter-1.5.91-3.2mdv2007.0.x86_64.rpm
9157afe6ed8b9f4745cd7f0333ac484f 2007.0/x86_64/lib64koffice2-kpresenter-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
9edddd073414539f674939a95412ea9e 2007.0/x86_64/lib64koffice2-krita-1.5.91-3.2mdv2007.0.x86_64.rpm
4e54205509fe323caaaecab61acb2e20 2007.0/x86_64/lib64koffice2-krita-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
8149704298a9bfe1edcd903b73536654 2007.0/x86_64/lib64koffice2-kspread-1.5.91-3.2mdv2007.0.x86_64.rpm
ed82f407c7be218dba128252b4de09f3 2007.0/x86_64/lib64koffice2-kspread-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
62a023ac8bb89806a0080797f6f9a03f 2007.0/x86_64/lib64koffice2-kugar-1.5.91-3.2mdv2007.0.x86_64.rpm
0479922c3466a2f4ba2c5079d55fe634 2007.0/x86_64/lib64koffice2-kugar-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
7039997ba59f0e670e8f1352c0c82711 2007.0/x86_64/lib64koffice2-kword-1.5.91-3.2mdv2007.0.x86_64.rpm
aed8cd41144d076f9ee51b6cd0966a51 2007.0/x86_64/lib64koffice2-kword-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
aacf502f62097c102dc44be1387763d7 2007.0/x86_64/lib64koffice2-progs-1.5.91-3.2mdv2007.0.x86_64.rpm
d30e35e35d4e4832f78a61e116114a33 2007.0/x86_64/lib64koffice2-progs-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
18f79118122cdc73e54dfec4d9365091 2007.0/SRPMS/koffice-1.5.91-3.2mdv2007.0.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
lt;security*mandriva.comgt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFcHEwmqjQ0CJFipgRAmRsAJ9maSoEYLobFpNgiMarEgFpcFVQwgCdETbx
BpC/9xb5tzUEDiL6MwB8IXQ=
=Popd
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/security_announce_mdksa_2006222__updated_koffice_packages_fixes_integer_overflow_vulnerability.html)