Security Information / 2011 / Security Information -- DSA-2315-1 openoffice.org

Debian Security Advisory

DSA-2315-1 openoffice.org -- multiple vulnerabilities

Date Reported:

05 Oct 2011

Affected Packages:

openoffice.org

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2011-2713.

More information:

Red Hat, Inc. security researcher Huzaifa Sidhpurwala reported multiple vulnerabilities in the binary Microsoft Word (doc) file format importer of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft Office.

For the oldstable distribution (lenny), this problem has been fixed in version 1:2.4.1+dfsg-1+lenny12.

For the stable distribution (squeeze), this problem has been fixed in version 1:3.2.1-11+squeeze4.

For the testing distribution (wheezy), and the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your openoffice.org packages.