Debian Security Advisory
DSA-2468-1 libjakarta-poi-java -- unbounded memory allocation
- Date Reported:
- 09 May 2012
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2012-0213.
- More information:
It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine.
For the stable distribution (squeeze), this problem has been fixed in version 3.6+dfsg-1+squeeze1.
We recommend that you upgrade your libjakarta-poi-java packages.