<?xml version="1.0" encoding="utf-8"?>
<glsa id="200603-25">
<title>OpenOffice.org: Heap overflow in included libcurl</title>
<synopsis>OpenOffice.org contains a vulnerable version of libcurl that may cause a
heap overflow when parsing URLs.</synopsis>
<product type="ebuild">openoffice openoffice-bin</product>
<announced>March 27, 2006</announced>
<revised>March 27, 2006: 01</revised>
<affected>
<package name="app-office/openoffice-bin" auto="yes" arch="*">
<unaffected range="ge">2.0.2</unaffected>
<vulnerable range="lt">2.0.2</vulnerable>
</package>
<package name="app-office/openoffice" auto="yes" arch="*">
<unaffected range="ge">2.0.1-r1</unaffected>
<vulnerable range="lt">2.0.1-r1</vulnerable>
</package>
</affected>
<background>
<p>OpenOffice.org is an office productivity suite, including word
processing, spreadsheet, presentation, data charting, formula editing
and file conversion facilities. libcurl, which is included in
OpenOffice.org, is a free and easy-to-use client-side library for
transferring files with URL syntaxes, supporting numerous protocols.</p>
</background>
<description>
<p>OpenOffice.org includes libcurl code. This libcurl code is
vulnerable to a heap overflow when it tries to parse a URL that exceeds
a 256-byte limit (GLSA 200512-09).</p>
</description>
<impact type="normal">
<p>An attacker could entice a user to call a specially crafted URL
with OpenOffice.org, potentially resulting in the execution of
arbitrary code with the rights of the user running the application.</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All OpenOffice.org binary users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=app-office/openoffice-bin-2.0.2&quot;</code>
<p>All OpenOffice.org users should upgrade to the latest version:</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=app-office/openoffice-2.0.1-r1&quot;</code>
</resolution>
<references>
<uri link="">CVE-2005-4077</uri>
<uri link="">Hardened-PHP Advisory 24/2005</uri>
<uri link="/security/en/glsa/glsa-200512-09.xml">GLSA 200512-09</uri>
</references>
<metadata tag="requester" timestamp="Fri, 17 Mar 2006 09:53:36 +0000"></metadata>
<metadata tag="bugReady" timestamp="Fri, 17 Mar 2006 18:15:26 +0000"></metadata>
<metadata tag="submitter" timestamp="Sat, 18 Mar 2006 01:42:41 +0000"></metadata>
</glsa>