[ooo-announce] NOTICE: Security Patch (fwd)

Paweł Gołaszewski blues w pld-linux.org
Pią, 15 Kwi 2005, 08:57:07 CEST 


-- 
pozdr.  Paweł Gołaszewski 
---------------------------------
If you think of MS-DOS as mono, and Windows as stereo,
then Linux is Dolby Pro-Logic Surround Sound with Bass Boost
and all the music is free.

---------- Forwarded message ----------
Date: Thu, 14 Apr 2005 15:48:46 -0700
From: Louis Suarez-Potts <louis w openoffice.org>
Reply-To: announce w openoffice.org
To: announce w openoffice.org, users w openoffice.org,
    discuss <discuss w openoffice.org>, dev w native-lang.openoffice.org
X-Mailer: Mailsmith 2.1.5 (Blindsider)
Subject: [ooo-announce] NOTICE: Security Patch

All,

A security vulnerability affecting OpenOffice.org 1.1.4 and earlier, as
well as 2.0beta, including the developer builds, was recently detected.
It has been fixed and a patch is available for immediate download for
all users of OpenOffice.org 1.1.4.

Users of earlier releases (1.1.3 and prior) must upgrade.

Users of 2.0beta are requested to download the latest beta,
OpenOffice.org 1.9.95. It will include the patch and be ready shortly. 

Operating systems affected: All, including Linux, Solaris, Windows, Mac
OS X (X11) (NeoOffice/J users of the latest release are not affected.)
For other platforms, go to the Porting homepage for more information.

* Porting Project: <http://porting.openoffice.org/>

The patch can be found here:

<http://download.openoffice.org/1.1.4/security_patch.html>

installation is easy and instructions are on the page listed above.  


We are requesting that all CD distributors and partners of
OpenOffice.org include the security patch.  If you are not sure your
copy of OpenOffice.org 1.1.4 is secure, download the patch and be sure.  

How serious is the problem?  The problem resides in how OpenOffice.org
handles Microsoft Office .doc files.  A malicious user could send such a
file as an attachment to you containing code that would allow them to
execute arbitrary commands on your computer should you open that
document in OpenOffice.org.

See the security advisory for more information:

<http://www.securityfocus.com/archive/1/395516> 

Be safe by always making sure that you only open attachments from
trusted persons.  


Regards,

The OpenOffice.org Team

---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe w openoffice.org
For additional commands, e-mail: announce-help w openoffice.org

Więcej informacji o liście dyskusyjnej pld-devel-pl