--zCKi3GIZzVBPywwA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline =========================================================== Ubuntu Security Notice USN-202-1 October 12, 2005 koffice vulnerability CAN-2005-2971 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: koffice-libs kword The problem can be corrected by upgrading the affected package to version 1:1.3.5-2ubuntu1.1. After a standard system upgrade you need to restart all KOffice applications to effect the necessary changes. Details follow: Chris Evans discovered a buffer overflow in the RTF import module of KOffice. By tricking a user into opening a specially-crafted RTF file, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user. Source archives: http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice_1.3.5-2ubuntu1.1.diff.gz Size/MD5: 8816 85d465e2669a24b0019233221a0e15fd http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice_1.3.5-2ubuntu1.1.dsc Size/MD5: 999 2eaa86d2bee10bad8d0b34ed2e60d336 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice_1.3.5.orig.tar.gz Size/MD5: 13154501 2c9b45ecbf16a8c5d16ce9d2f51c2571 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kivio-data_1.3.5-2ubuntu1.1_all.deb Size/MD5: 615280 b84003db4ad4625b7266b479eaf1d50c http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-data_1.3.5-2ubuntu1.1_all.deb Size/MD5: 684630 3275891bff107e56d00e13687eea0e22 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-doc-html_1.3.5-2ubuntu1.1_all.deb Size/MD5: 305362 3edd7173b3597eec1b25a5308b509328 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice_1.3.5-2ubuntu1.1_all.deb Size/MD5: 13502 77d6fdda1ad2093ab9e0b45fcf5c8046 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/karbon_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 854530 fbb920f93b00e7c84c789f514f24773a http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kchart_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 673748 b7c436b6086dde8aaaed316bc52a607c http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kformula_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 693330 f1cf7350e87e566692db888c75fcca14 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kivio_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 583362 ec86ad4dbf9edc7a04341d62639e5afd http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-dev_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 147476 83ba665bb66e17484c3857c34001b3ec http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-libs_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 2134962 cff8c010e89c59855294a53e9dca965c http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koshell_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 51192 bce62ed710af795af1727d2f01b1d02d http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kpresenter_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 2536672 3b9a038cd580d80fdf4cc046f77154cd http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kspread_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 1754694 aab82c7ab4b5fb646dd26abfd730c9d9 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kugar_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 551772 762fdef125636d9272ba1945d7f2ed85 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kword_1.3.5-2ubuntu1.1_amd64.deb Size/MD5: 3591006 cefbf03ef13b678400082e75786881d6 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/karbon_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 778648 254467d67814c5ccf9cc1e3ebf65cb09 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kchart_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 660210 019389de3b7e2d12b0618caccf49a3cb http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kformula_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 689214 fe8b796c71500cfe3a51867ed7689ac7 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kivio_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 541344 1103a760575623d236a45f5d79ca4e6b http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-dev_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 147474 d7641c10c832e4b6e92b86bb4202e058 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-libs_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 1994548 72fadda393d3905eb81487c3e993e98f http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koshell_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 48998 aae5d22d053d2fde95ee844262b5ae32 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kpresenter_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 2503204 5114895616ae77175c1fad011a5da104 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kspread_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 1668520 04f4ad391680010fc843f27faceacbff http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kugar_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 533270 cc9ed083427380bac4a6dcff86933f24 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kword_1.3.5-2ubuntu1.1_i386.deb Size/MD5: 3452150 6dbb03a9966d8ccd975e4784acf46bd8 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/karbon_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 826906 f7cbe8e0113ccf1b76e515a715f918a8 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kchart_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 651168 655d47e3d8cabf6c54f51abaf3554a23 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kformula_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 690552 cfe8035a78d467c60b435a95a31aed3b http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kivio_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 554944 5ca771ac6b28b04e8519bc2c3b87e71b http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-dev_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 147478 56ab71652516e78b4c98b496a33f5b52 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-libs_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 2022892 133bf90bb269bafb453d3da968e892eb http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koshell_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 51450 0024c535dafa26d19f417f8965154bc5 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kpresenter_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 2479510 ebc3269b6416598a5425d11146ffcca2 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kspread_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 1663382 9729c91b3c63d5ed36fe1523706a809d http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kugar_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 533568 cc0dda08cb91cf0bc2d12f447072c803 http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kword_1.3.5-2ubuntu1.1_powerpc.deb Size/MD5: 3491862 dcd9768e9ab6d04c28dbe7b5f987891b --zCKi3GIZzVBPywwA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDTLkiDecnbV4Fd/IRAmefAJ9tZ5xIn2WQbPq+A3H0KRG2oRVEEQCgngvu tuEuCky/Ou4XCjeAsI/OY9Y= =ITUJ -----END PGP SIGNATURE----- --zCKi3GIZzVBPywwA--