-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:336 http://www.mandriva.com/security/ _______________________________________________________________________ Package : koffice Date : December 17, 2009 Affected: 2008.0 _______________________________________________________________________ Problem Description: Security vulnerabilities have been discovered and fixed in pdf processing code embedded in koffice package (CVE-2009-3606 and CVE-2009-3609). This update fixes these vulnerabilities. Packages for 2008.0 are being provided due to extended support for Corporate products. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 07cc3430d0e670a37a58c007ab929d5b 2008.0/i586/koffice-1.6.3-9.3mdv2008.0.i586.rpm ee7e4a828814a36bb7a400c0458ef9f7 2008.0/i586/koffice-karbon-1.6.3-9.3mdv2008.0.i586.rpm fe0a53cd2cc05f900b6b588d4b0f3b18 2008.0/i586/koffice-kexi-1.6.3-9.3mdv2008.0.i586.rpm bbeafac90a9fca25fbbcc4939d52c21d 2008.0/i586/koffice-kformula-1.6.3-9.3mdv2008.0.i586.rpm d4d0c1c317e2d915938270fa85bd1a59 2008.0/i586/koffice-kivio-1.6.3-9.3mdv2008.0.i586.rpm 8cdfed722bc72d5b1a43ddd7590b0c38 2008.0/i586/koffice-koshell-1.6.3-9.3mdv2008.0.i586.rpm 238c4a8b527a0f4920752a8b296c09a8 2008.0/i586/koffice-kplato-1.6.3-9.3mdv2008.0.i586.rpm 82581539e3f98cb8dbabfaf5bf7d5f61 2008.0/i586/koffice-kpresenter-1.6.3-9.3mdv2008.0.i586.rpm 2ad7c4c5ac604d3fe423872c530f9898 2008.0/i586/koffice-krita-1.6.3-9.3mdv2008.0.i586.rpm 9b8963aa3d0537132820340e33f5ea98 2008.0/i586/koffice-kspread-1.6.3-9.3mdv2008.0.i586.rpm 658ff75bc9fbeeda75b6fc358d691705 2008.0/i586/koffice-kugar-1.6.3-9.3mdv2008.0.i586.rpm 575e4041f7e7aa270686218886dd0b3a 2008.0/i586/koffice-kword-1.6.3-9.3mdv2008.0.i586.rpm b5fa6cd39b7e3913d02082812e96872a 2008.0/i586/koffice-progs-1.6.3-9.3mdv2008.0.i586.rpm 9ad6986af1241ddad3342e7ebe3a6bd0 2008.0/i586/libkoffice2-karbon-1.6.3-9.3mdv2008.0.i586.rpm 37268f938e671a9fa31ed2c34478763b 2008.0/i586/libkoffice2-karbon-devel-1.6.3-9.3mdv2008.0.i586.rpm d4fd910879f3dfe158672dd7dcb645fc 2008.0/i586/libkoffice2-kexi-1.6.3-9.3mdv2008.0.i586.rpm 30807f6231760e395752071bc50e0fa7 2008.0/i586/libkoffice2-kexi-devel-1.6.3-9.3mdv2008.0.i586.rpm c33624080c6e54e392674c8b2d3ea79a 2008.0/i586/libkoffice2-kformula-1.6.3-9.3mdv2008.0.i586.rpm 238703e8f0837e63103b076da9faa8c3 2008.0/i586/libkoffice2-kformula-devel-1.6.3-9.3mdv2008.0.i586.rpm 299cd67d08c5729bf41a7061bc6d5fe7 2008.0/i586/libkoffice2-kivio-1.6.3-9.3mdv2008.0.i586.rpm 8a416555cc66dba5fe507a8c465f5fb6 2008.0/i586/libkoffice2-kivio-devel-1.6.3-9.3mdv2008.0.i586.rpm 4503123a95710d08582fce37ffa8b8c2 2008.0/i586/libkoffice2-koshell-1.6.3-9.3mdv2008.0.i586.rpm 380c1a1e1141c87f8c275b329356cf42 2008.0/i586/libkoffice2-kplato-1.6.3-9.3mdv2008.0.i586.rpm c0ad60018beb0b59a99074c8e3a075a9 2008.0/i586/libkoffice2-kpresenter-1.6.3-9.3mdv2008.0.i586.rpm 7de150e73ac4cc2216d1add2788d9f85 2008.0/i586/libkoffice2-kpresenter-devel-1.6.3-9.3mdv2008.0.i586.rpm 99acb4bbf847aa32eee96c27672874bd 2008.0/i586/libkoffice2-krita-1.6.3-9.3mdv2008.0.i586.rpm 9d7a401cb148d7b2ef2e536c6b34d0d1 2008.0/i586/libkoffice2-krita-devel-1.6.3-9.3mdv2008.0.i586.rpm 45e3d950e1ab98205249ef8c50ae3fc0 2008.0/i586/libkoffice2-kspread-1.6.3-9.3mdv2008.0.i586.rpm bc7c6671a2221ddc6d75c3a9ebed2b23 2008.0/i586/libkoffice2-kspread-devel-1.6.3-9.3mdv2008.0.i586.rpm 7b90f78305c286e0b405c60717c14812 2008.0/i586/libkoffice2-kugar-1.6.3-9.3mdv2008.0.i586.rpm 475c20d63a1ba1a31dbab9f9e19453e2 2008.0/i586/libkoffice2-kugar-devel-1.6.3-9.3mdv2008.0.i586.rpm fc3a18ba90ddd0dd2c99d81ea41f0789 2008.0/i586/libkoffice2-kword-1.6.3-9.3mdv2008.0.i586.rpm 78b5df25330d89601148f64ac1f8680b 2008.0/i586/libkoffice2-kword-devel-1.6.3-9.3mdv2008.0.i586.rpm 235e37a1a1539d7d6d8a7b064f36617a 2008.0/i586/libkoffice2-progs-1.6.3-9.3mdv2008.0.i586.rpm ac0c29b303e7ab57f4bed255dc2e06d2 2008.0/i586/libkoffice2-progs-devel-1.6.3-9.3mdv2008.0.i586.rpm d69ebcb65b4c3718c22cc32e8c07d38f 2008.0/SRPMS/koffice-1.6.3-9.3mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 02f638e0c27b82b4cefe88551ec97e42 2008.0/x86_64/koffice-1.6.3-9.3mdv2008.0.x86_64.rpm 82af7dfad84480599aeec60574aa4a0c 2008.0/x86_64/koffice-karbon-1.6.3-9.3mdv2008.0.x86_64.rpm 01f4f44a2743bbf553ba32aa04149286 2008.0/x86_64/koffice-kexi-1.6.3-9.3mdv2008.0.x86_64.rpm b5447a90a349030cfee1b1fc248ad772 2008.0/x86_64/koffice-kformula-1.6.3-9.3mdv2008.0.x86_64.rpm c52ace63530c59e4488025a22fc02616 2008.0/x86_64/koffice-kivio-1.6.3-9.3mdv2008.0.x86_64.rpm d95f4158980fa62480524b0016419dff 2008.0/x86_64/koffice-koshell-1.6.3-9.3mdv2008.0.x86_64.rpm 70f7d2a37f18d5901dcaaa49dd4d34fc 2008.0/x86_64/koffice-kplato-1.6.3-9.3mdv2008.0.x86_64.rpm cb1ecfb60a39e62d004e9213767c3a94 2008.0/x86_64/koffice-kpresenter-1.6.3-9.3mdv2008.0.x86_64.rpm 3897f0a9020a4e0366cc3b44ca27839d 2008.0/x86_64/koffice-krita-1.6.3-9.3mdv2008.0.x86_64.rpm 2d0d2bbcdada8101d6b89c85024f7f07 2008.0/x86_64/koffice-kspread-1.6.3-9.3mdv2008.0.x86_64.rpm cc83a4dd2db2a637dc8314e127f09d2e 2008.0/x86_64/koffice-kugar-1.6.3-9.3mdv2008.0.x86_64.rpm f698e9e0c0f047e0a8d5e7bac1a0f900 2008.0/x86_64/koffice-kword-1.6.3-9.3mdv2008.0.x86_64.rpm b1ad8180f375d5d0805cfb09984bb3c2 2008.0/x86_64/koffice-progs-1.6.3-9.3mdv2008.0.x86_64.rpm 0d2d26ca9ee19f636e60a711c6c9b202 2008.0/x86_64/lib64koffice2-karbon-1.6.3-9.3mdv2008.0.x86_64.rpm 5ad50a56b9e73ae416ee1a29cadbe776 2008.0/x86_64/lib64koffice2-karbon-devel-1.6.3-9.3mdv2008.0.x86_64.rpm 8183880fc70c64beb53928c837c4ba06 2008.0/x86_64/lib64koffice2-kexi-1.6.3-9.3mdv2008.0.x86_64.rpm 29dc029530ba0dbfe60d030423a4918b 2008.0/x86_64/lib64koffice2-kexi-devel-1.6.3-9.3mdv2008.0.x86_64.rpm 2408b140905098e017aa7174f0300558 2008.0/x86_64/lib64koffice2-kformula-1.6.3-9.3mdv2008.0.x86_64.rpm f40dbee3c588dc3b5517f4dc814e0b17 2008.0/x86_64/lib64koffice2-kformula-devel-1.6.3-9.3mdv2008.0.x86_64.rpm d515dbec3b38565da435ab8076677953 2008.0/x86_64/lib64koffice2-kivio-1.6.3-9.3mdv2008.0.x86_64.rpm 48b91f88ce8d4bb4271069438af0d047 2008.0/x86_64/lib64koffice2-kivio-devel-1.6.3-9.3mdv2008.0.x86_64.rpm 78de3c4ca95ad2f559a229174c0e73a9 2008.0/x86_64/lib64koffice2-koshell-1.6.3-9.3mdv2008.0.x86_64.rpm 1d19f6bac268d70519c09dd92b1c1e88 2008.0/x86_64/lib64koffice2-kplato-1.6.3-9.3mdv2008.0.x86_64.rpm a34f49f1d4aa726e44b06d9a8c971b66 2008.0/x86_64/lib64koffice2-kpresenter-1.6.3-9.3mdv2008.0.x86_64.rpm 8620dee6090f1f558e990dfcc0545492 2008.0/x86_64/lib64koffice2-kpresenter-devel-1.6.3-9.3mdv2008.0.x86_64.rpm afb2e7f351760b199ae851d846b9cd5e 2008.0/x86_64/lib64koffice2-krita-1.6.3-9.3mdv2008.0.x86_64.rpm 63386a61b6fbd683bfc0ea1caf1141fe 2008.0/x86_64/lib64koffice2-krita-devel-1.6.3-9.3mdv2008.0.x86_64.rpm 54499f2e10266d9064d956cae723e416 2008.0/x86_64/lib64koffice2-kspread-1.6.3-9.3mdv2008.0.x86_64.rpm b90bb5270de5a1c3f321b8f479a658f5 2008.0/x86_64/lib64koffice2-kspread-devel-1.6.3-9.3mdv2008.0.x86_64.rpm d0201818fd21f73dfff36037581d6729 2008.0/x86_64/lib64koffice2-kugar-1.6.3-9.3mdv2008.0.x86_64.rpm 408c06d5a8b0ce93a9ca7878c08b1853 2008.0/x86_64/lib64koffice2-kugar-devel-1.6.3-9.3mdv2008.0.x86_64.rpm 2af69583190e0e9742a83789d1190790 2008.0/x86_64/lib64koffice2-kword-1.6.3-9.3mdv2008.0.x86_64.rpm e24607d6e27ed7c5c7e8bde7fc035111 2008.0/x86_64/lib64koffice2-kword-devel-1.6.3-9.3mdv2008.0.x86_64.rpm b4828671b9831a2ab648b6543f21107e 2008.0/x86_64/lib64koffice2-progs-1.6.3-9.3mdv2008.0.x86_64.rpm 031d6a9a1cdd42a5920374cdf94ccaac 2008.0/x86_64/lib64koffice2-progs-devel-1.6.3-9.3mdv2008.0.x86_64.rpm d69ebcb65b4c3718c22cc32e8c07d38f 2008.0/SRPMS/koffice-1.6.3-9.3mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLKqD9mqjQ0CJFipgRAr8VAKCQS6a2whK9tC9m4aoGmNUMM3P26ACgyue+ UwD+FTPTViwBP2obIZwUBYQ= =lSgW -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/