[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <200701042252.22333.pete.connolly@btinternet.com>
Date: Thu, 4 Jan 2007 22:52:21 +0000
From: Pete Connolly <pete.connolly@...nternet.com>
To: bugtraq@...urityfocus.com
Subject: Re: [VulnWatch] High Risk Vulnerability in the OpenOffice and StarOffice Suites
On Thursday 04 January 2007 21:00, David Litchfield wrote:
> Hi Florian,
>
> >* NGSSoftware Insight Security Research:
> >> The vulnerabilities, three heap overflows, affect OpenOffice 2.1.0 and
> >>
> >> http://download.openoffice.org/2.1.0/index.html
> >
> > As far as I can tell, there is no version newer than 2.1.0 available
> > at the web site. According to uncorroborated, version 2.1.0 is not
> > affected.
> >
> > Would anyone please clarify the situation? Thanks.
>
> It's version's prior to 2.1.0. Thanks for pointing this out. I'll send a
> follow up note.
> Cheers,
> David Litchfield
>
According to Marcus Meissner from SuSE security, opensuse 10.2 contains an OOo
2.0.4 with the security fix backported from 2.1.
Just to add to the fun.
Cheers
Pete
Powered by blists - more mailing lists