lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040928065230.21351.qmail@updates.mandrakesoft.com>
Date: 28 Sep 2004 06:52:30 -0000
From: Mandrake Linux Security Team <security@...ux-mandrake.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2004:103 - Updated OpenOffice.org packages fix temporary file vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           OpenOffice.org
 Advisory ID:            MDKSA-2004:103
 Date:                   September 27th, 2004

 Affected versions:	 10.0
 ______________________________________________________________________

 Problem Description:

 A vulnerability in OpenOffice.org was reported by pmladek where a
 local user may be able to obtain and read documents that belong to
 another user.  The way that OpenOffice.org created temporary files,
 which used the user's umask to create the file, could potentially
 allow for other users to have read access to the document (again,
 dependant upon the user's umask).
 
 The updated packages have been patched to prevent this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 6dcdf713f9b86b9fb8c1d2a652aca05c  10.0/RPMS/OpenOffice.org-1.1.2-8.100mdk.i586.rpm
 82586f5dd2c3b873442086174d17263b  10.0/RPMS/OpenOffice.org-help-cs-1.1.2-8.100mdk.i586.rpm
 e9c7967557e4aa63203475126c922470  10.0/RPMS/OpenOffice.org-help-de-1.1.2-8.100mdk.i586.rpm
 91e537d10cc754b4b1c89fb4e48580d8  10.0/RPMS/OpenOffice.org-help-en-1.1.2-8.100mdk.i586.rpm
 988366f3e410d001567ddefd2c855c8f  10.0/RPMS/OpenOffice.org-help-es-1.1.2-8.100mdk.i586.rpm
 ecdb9c92c23f33c4548bd5f8e6d15e89  10.0/RPMS/OpenOffice.org-help-eu-1.1.2-8.100mdk.i586.rpm
 34398abee71ee44bbd73f8999cc927fa  10.0/RPMS/OpenOffice.org-help-fi-1.1.2-8.100mdk.i586.rpm
 7dfda7c433d14a852004de3233a649e8  10.0/RPMS/OpenOffice.org-help-fr-1.1.2-8.100mdk.i586.rpm
 d95e356f7327acfe7db669ef86ad3145  10.0/RPMS/OpenOffice.org-help-it-1.1.2-8.100mdk.i586.rpm
 e59ed8acd4a2e287545a59d87b330580  10.0/RPMS/OpenOffice.org-help-ja-1.1.2-8.100mdk.i586.rpm
 b859c002405c021e32ff9bb43c0f6c6d  10.0/RPMS/OpenOffice.org-help-ko-1.1.2-8.100mdk.i586.rpm
 1a31ed1c4fae0193cc55a70ae65f0045  10.0/RPMS/OpenOffice.org-help-nl-1.1.2-8.100mdk.i586.rpm
 10118f1f329abbfcdc6d0123f07e7400  10.0/RPMS/OpenOffice.org-help-ru-1.1.2-8.100mdk.i586.rpm
 8258eeb4b6db30fad630655197b841ef  10.0/RPMS/OpenOffice.org-help-sk-1.1.2-8.100mdk.i586.rpm
 4b2f8b6890d6cce15416bd30e4e0286d  10.0/RPMS/OpenOffice.org-help-sv-1.1.2-8.100mdk.i586.rpm
 dab28c6494f154cc65b669e1817be46f  10.0/RPMS/OpenOffice.org-help-zh_CN-1.1.2-8.100mdk.i586.rpm
 50f2019f947e8ec8997667d4e63d20a1  10.0/RPMS/OpenOffice.org-help-zh_TW-1.1.2-8.100mdk.i586.rpm
 6a6b435b956973b166128212b7d663d4  10.0/RPMS/OpenOffice.org-l10n-ar-1.1.2-8.100mdk.i586.rpm
 ac19524d6f8a9672e3c60e324c081d64  10.0/RPMS/OpenOffice.org-l10n-ca-1.1.2-8.100mdk.i586.rpm
 94ac592c89da0ce121b5de7e8de9e974  10.0/RPMS/OpenOffice.org-l10n-cs-1.1.2-8.100mdk.i586.rpm
 2354116aebb06ae56f40eb306dccb7ea  10.0/RPMS/OpenOffice.org-l10n-da-1.1.2-8.100mdk.i586.rpm
 cb268d3ab6be233d79c16b20903c33c6  10.0/RPMS/OpenOffice.org-l10n-de-1.1.2-8.100mdk.i586.rpm
 bd12ab884f02324e42367dfb5271c688  10.0/RPMS/OpenOffice.org-l10n-el-1.1.2-8.100mdk.i586.rpm
 314e3e1a45e2968ffbf7f1ec6a5487cd  10.0/RPMS/OpenOffice.org-l10n-en-1.1.2-8.100mdk.i586.rpm
 2833ed7bd2f95f788e2dfeac729f2473  10.0/RPMS/OpenOffice.org-l10n-es-1.1.2-8.100mdk.i586.rpm
 6c9e53a4daf5f1f872556f2e374b742c  10.0/RPMS/OpenOffice.org-l10n-et-1.1.2-8.100mdk.i586.rpm
 d3c53b97c8d3a765c55599be649d5a30  10.0/RPMS/OpenOffice.org-l10n-eu-1.1.2-8.100mdk.i586.rpm
 08705cc3571f13e0c115b5e6b0f10cdc  10.0/RPMS/OpenOffice.org-l10n-fi-1.1.2-8.100mdk.i586.rpm
 95374fe47baf5807c0e523554c9a4a4d  10.0/RPMS/OpenOffice.org-l10n-fr-1.1.2-8.100mdk.i586.rpm
 70b73f0f2c6e2f35933568be3b642f8c  10.0/RPMS/OpenOffice.org-l10n-it-1.1.2-8.100mdk.i586.rpm
 83fdca6056dfd504917d491f4b8166c1  10.0/RPMS/OpenOffice.org-l10n-ja-1.1.2-8.100mdk.i586.rpm
 2fb3b05070d2928f0ca2357adf1749d5  10.0/RPMS/OpenOffice.org-l10n-ko-1.1.2-8.100mdk.i586.rpm
 ff994fed500ce3a68228ecb38d09b7e1  10.0/RPMS/OpenOffice.org-l10n-nb-1.1.2-8.100mdk.i586.rpm
 cb0d8319d68c935c7a28e263bc4cd84f  10.0/RPMS/OpenOffice.org-l10n-nl-1.1.2-8.100mdk.i586.rpm
 8d29108101a3d6f63e28f63cc3df3577  10.0/RPMS/OpenOffice.org-l10n-nn-1.1.2-8.100mdk.i586.rpm
 2e1c5879febfd8507b0a9d973e6cc855  10.0/RPMS/OpenOffice.org-l10n-pl-1.1.2-8.100mdk.i586.rpm
 097d9e64dbd3487d58efc724d0db958a  10.0/RPMS/OpenOffice.org-l10n-pt-1.1.2-8.100mdk.i586.rpm
 69d94c008dfaf2993dc5106d44704b6e  10.0/RPMS/OpenOffice.org-l10n-pt_BR-1.1.2-8.100mdk.i586.rpm
 a058aa946632b9578f24d2aa5d98c708  10.0/RPMS/OpenOffice.org-l10n-ru-1.1.2-8.100mdk.i586.rpm
 8e541d03cec5d83e206845a3384b8aba  10.0/RPMS/OpenOffice.org-l10n-sk-1.1.2-8.100mdk.i586.rpm
 a730904f48b2595ded3dbc52890c0f5b  10.0/RPMS/OpenOffice.org-l10n-sv-1.1.2-8.100mdk.i586.rpm
 e1476628aa0e5d044e7ef5ae19105b4f  10.0/RPMS/OpenOffice.org-l10n-tr-1.1.2-8.100mdk.i586.rpm
 91324079d5e05b18bf7a39b52dc4ddd1  10.0/RPMS/OpenOffice.org-l10n-zh_CN-1.1.2-8.100mdk.i586.rpm
 e31bc4300a938e2aed4ab516b9e90cc8  10.0/RPMS/OpenOffice.org-l10n-zh_TW-1.1.2-8.100mdk.i586.rpm
 d5c134900a302525f24b44d2d0edb2b2  10.0/RPMS/OpenOffice.org-libs-1.1.2-8.100mdk.i586.rpm
 56fb619d14aae1230983490f93db8353  10.0/SRPMS/OpenOffice.org-1.1.2-8.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 6dcdf713f9b86b9fb8c1d2a652aca05c  amd64/10.0/RPMS/OpenOffice.org-1.1.2-8.100mdk.i586.rpm
 82586f5dd2c3b873442086174d17263b  amd64/10.0/RPMS/OpenOffice.org-help-cs-1.1.2-8.100mdk.i586.rpm
 e9c7967557e4aa63203475126c922470  amd64/10.0/RPMS/OpenOffice.org-help-de-1.1.2-8.100mdk.i586.rpm
 91e537d10cc754b4b1c89fb4e48580d8  amd64/10.0/RPMS/OpenOffice.org-help-en-1.1.2-8.100mdk.i586.rpm
 988366f3e410d001567ddefd2c855c8f  amd64/10.0/RPMS/OpenOffice.org-help-es-1.1.2-8.100mdk.i586.rpm
 ecdb9c92c23f33c4548bd5f8e6d15e89  amd64/10.0/RPMS/OpenOffice.org-help-eu-1.1.2-8.100mdk.i586.rpm
 34398abee71ee44bbd73f8999cc927fa  amd64/10.0/RPMS/OpenOffice.org-help-fi-1.1.2-8.100mdk.i586.rpm
 7dfda7c433d14a852004de3233a649e8  amd64/10.0/RPMS/OpenOffice.org-help-fr-1.1.2-8.100mdk.i586.rpm
 d95e356f7327acfe7db669ef86ad3145  amd64/10.0/RPMS/OpenOffice.org-help-it-1.1.2-8.100mdk.i586.rpm
 e59ed8acd4a2e287545a59d87b330580  amd64/10.0/RPMS/OpenOffice.org-help-ja-1.1.2-8.100mdk.i586.rpm
 b859c002405c021e32ff9bb43c0f6c6d  amd64/10.0/RPMS/OpenOffice.org-help-ko-1.1.2-8.100mdk.i586.rpm
 1a31ed1c4fae0193cc55a70ae65f0045  amd64/10.0/RPMS/OpenOffice.org-help-nl-1.1.2-8.100mdk.i586.rpm
 10118f1f329abbfcdc6d0123f07e7400  amd64/10.0/RPMS/OpenOffice.org-help-ru-1.1.2-8.100mdk.i586.rpm
 8258eeb4b6db30fad630655197b841ef  amd64/10.0/RPMS/OpenOffice.org-help-sk-1.1.2-8.100mdk.i586.rpm
 4b2f8b6890d6cce15416bd30e4e0286d  amd64/10.0/RPMS/OpenOffice.org-help-sv-1.1.2-8.100mdk.i586.rpm
 dab28c6494f154cc65b669e1817be46f  amd64/10.0/RPMS/OpenOffice.org-help-zh_CN-1.1.2-8.100mdk.i586.rpm
 50f2019f947e8ec8997667d4e63d20a1  amd64/10.0/RPMS/OpenOffice.org-help-zh_TW-1.1.2-8.100mdk.i586.rpm
 6a6b435b956973b166128212b7d663d4  amd64/10.0/RPMS/OpenOffice.org-l10n-ar-1.1.2-8.100mdk.i586.rpm
 ac19524d6f8a9672e3c60e324c081d64  amd64/10.0/RPMS/OpenOffice.org-l10n-ca-1.1.2-8.100mdk.i586.rpm
 94ac592c89da0ce121b5de7e8de9e974  amd64/10.0/RPMS/OpenOffice.org-l10n-cs-1.1.2-8.100mdk.i586.rpm
 2354116aebb06ae56f40eb306dccb7ea  amd64/10.0/RPMS/OpenOffice.org-l10n-da-1.1.2-8.100mdk.i586.rpm
 cb268d3ab6be233d79c16b20903c33c6  amd64/10.0/RPMS/OpenOffice.org-l10n-de-1.1.2-8.100mdk.i586.rpm
 bd12ab884f02324e42367dfb5271c688  amd64/10.0/RPMS/OpenOffice.org-l10n-el-1.1.2-8.100mdk.i586.rpm
 314e3e1a45e2968ffbf7f1ec6a5487cd  amd64/10.0/RPMS/OpenOffice.org-l10n-en-1.1.2-8.100mdk.i586.rpm
 2833ed7bd2f95f788e2dfeac729f2473  amd64/10.0/RPMS/OpenOffice.org-l10n-es-1.1.2-8.100mdk.i586.rpm
 6c9e53a4daf5f1f872556f2e374b742c  amd64/10.0/RPMS/OpenOffice.org-l10n-et-1.1.2-8.100mdk.i586.rpm
 d3c53b97c8d3a765c55599be649d5a30  amd64/10.0/RPMS/OpenOffice.org-l10n-eu-1.1.2-8.100mdk.i586.rpm
 08705cc3571f13e0c115b5e6b0f10cdc  amd64/10.0/RPMS/OpenOffice.org-l10n-fi-1.1.2-8.100mdk.i586.rpm
 95374fe47baf5807c0e523554c9a4a4d  amd64/10.0/RPMS/OpenOffice.org-l10n-fr-1.1.2-8.100mdk.i586.rpm
 70b73f0f2c6e2f35933568be3b642f8c  amd64/10.0/RPMS/OpenOffice.org-l10n-it-1.1.2-8.100mdk.i586.rpm
 83fdca6056dfd504917d491f4b8166c1  amd64/10.0/RPMS/OpenOffice.org-l10n-ja-1.1.2-8.100mdk.i586.rpm
 2fb3b05070d2928f0ca2357adf1749d5  amd64/10.0/RPMS/OpenOffice.org-l10n-ko-1.1.2-8.100mdk.i586.rpm
 ff994fed500ce3a68228ecb38d09b7e1  amd64/10.0/RPMS/OpenOffice.org-l10n-nb-1.1.2-8.100mdk.i586.rpm
 cb0d8319d68c935c7a28e263bc4cd84f  amd64/10.0/RPMS/OpenOffice.org-l10n-nl-1.1.2-8.100mdk.i586.rpm
 8d29108101a3d6f63e28f63cc3df3577  amd64/10.0/RPMS/OpenOffice.org-l10n-nn-1.1.2-8.100mdk.i586.rpm
 2e1c5879febfd8507b0a9d973e6cc855  amd64/10.0/RPMS/OpenOffice.org-l10n-pl-1.1.2-8.100mdk.i586.rpm
 097d9e64dbd3487d58efc724d0db958a  amd64/10.0/RPMS/OpenOffice.org-l10n-pt-1.1.2-8.100mdk.i586.rpm
 69d94c008dfaf2993dc5106d44704b6e  amd64/10.0/RPMS/OpenOffice.org-l10n-pt_BR-1.1.2-8.100mdk.i586.rpm
 a058aa946632b9578f24d2aa5d98c708  amd64/10.0/RPMS/OpenOffice.org-l10n-ru-1.1.2-8.100mdk.i586.rpm
 8e541d03cec5d83e206845a3384b8aba  amd64/10.0/RPMS/OpenOffice.org-l10n-sk-1.1.2-8.100mdk.i586.rpm
 a730904f48b2595ded3dbc52890c0f5b  amd64/10.0/RPMS/OpenOffice.org-l10n-sv-1.1.2-8.100mdk.i586.rpm
 e1476628aa0e5d044e7ef5ae19105b4f  amd64/10.0/RPMS/OpenOffice.org-l10n-tr-1.1.2-8.100mdk.i586.rpm
 91324079d5e05b18bf7a39b52dc4ddd1  amd64/10.0/RPMS/OpenOffice.org-l10n-zh_CN-1.1.2-8.100mdk.i586.rpm
 e31bc4300a938e2aed4ab516b9e90cc8  amd64/10.0/RPMS/OpenOffice.org-l10n-zh_TW-1.1.2-8.100mdk.i586.rpm
 d5c134900a302525f24b44d2d0edb2b2  amd64/10.0/RPMS/OpenOffice.org-libs-1.1.2-8.100mdk.i586.rpm
 56fb619d14aae1230983490f93db8353  amd64/10.0/SRPMS/OpenOffice.org-1.1.2-8.100mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBWQoumqjQ0CJFipgRAnlMAKChxOOrnZmlId15vUeNCljeQ7vIwgCg7Kyn
WNQKkDIyXhwT7rRImOU6ymY=
=32RL
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ