Skip to navigation

Security Advisory openoffice.org security update

Advisory: RHSA-2006:0573-10
Type: Security Advisory
Severity: Important
Issued on: 2006-07-03
Last updated on: 2006-07-03
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2006-2198
CVE-2006-2199
CVE-2006-3117

Details

Updated openoffice.org packages are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

OpenOffice.org is an office productivity suite that includes desktop
applications such as a word processor, spreadsheet, presentation manager,
formula editor, and drawing program.

A Sun security specialist reported an issue with the application framework.
An attacker could put macros into document locations that could cause
OpenOffice.org to execute them when the file was opened by a victim.
(CVE-2006-2198)

A bug was found in the OpenOffice.org Java virtual machine implementation.
An attacker could write a carefully crafted Java applet that can break
through the "sandbox" and have full access to system resources with the
current user privileges. (CVE-2006-2199)

A buffer overflow bug was found in the OpenOffice.org file processor. An
attacker could create a carefully crafted XML file that could cause
OpenOffice.org to write data to an arbitrary location in memory when the
file was opened by a victim. (CVE-2006-3117)

All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain backported fixes for these issues.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Desktop (v. 3)

IA-32:
openoffice.org-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 2e662811db76f31ffc23ec85080d74c1
openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 0ca0fdf8e2f5435e710b13ed8bf98dc5
openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: d85b636413b81b22034cfad9108afdee
 
x86_64:
openoffice.org-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 2e662811db76f31ffc23ec85080d74c1
openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 0ca0fdf8e2f5435e710b13ed8bf98dc5
openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: d85b636413b81b22034cfad9108afdee
 
Red Hat Desktop (v. 4)

IA-32:
openoffice.org-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 58136d975b1e19a616049245688b6c8f
openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 741aae622743c8f907d12741cb3dc4d0
openoffice.org-kde-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: e8bc252c443cc6c3d7587818740ec704
openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: dc77923685fb1fb7048eb7ce49772dcf
 
x86_64:
openoffice.org-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 58136d975b1e19a616049245688b6c8f
openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 741aae622743c8f907d12741cb3dc4d0
openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: dc77923685fb1fb7048eb7ce49772dcf
 
Red Hat Enterprise Linux AS (v. 3)

IA-32:
openoffice.org-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 2e662811db76f31ffc23ec85080d74c1
openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 0ca0fdf8e2f5435e710b13ed8bf98dc5
openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: d85b636413b81b22034cfad9108afdee
 
x86_64:
openoffice.org-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 2e662811db76f31ffc23ec85080d74c1
openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 0ca0fdf8e2f5435e710b13ed8bf98dc5
openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: d85b636413b81b22034cfad9108afdee
 
Red Hat Enterprise Linux AS (v. 4)

IA-32:
openoffice.org-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 58136d975b1e19a616049245688b6c8f
openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 741aae622743c8f907d12741cb3dc4d0
openoffice.org-kde-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: e8bc252c443cc6c3d7587818740ec704
openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: dc77923685fb1fb7048eb7ce49772dcf
 
PPC:
openoffice.org-1.1.2-34.6.0.EL4.ppc.rpm
File outdated by:  RHSA-2011:0181
    MD5: 0f6c4a335798ffc244abf27da1090ead
openoffice.org-i18n-1.1.2-34.6.0.EL4.ppc.rpm
File outdated by:  RHSA-2011:0181
    MD5: d61f7c08bf80f71fdcfd8c5304702345
openoffice.org-kde-1.1.2-34.6.0.EL4.ppc.rpm
File outdated by:  RHSA-2011:0181
    MD5: a040bad5b579ae0ada011ce370d6daf6
openoffice.org-libs-1.1.2-34.6.0.EL4.ppc.rpm
File outdated by:  RHSA-2011:0181
    MD5: c819ebea759936c76670f7c0d34decdc
 
x86_64:
openoffice.org-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 58136d975b1e19a616049245688b6c8f
openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 741aae622743c8f907d12741cb3dc4d0
openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: dc77923685fb1fb7048eb7ce49772dcf
 
Red Hat Enterprise Linux ES (v. 3)

IA-32:
openoffice.org-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 2e662811db76f31ffc23ec85080d74c1
openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 0ca0fdf8e2f5435e710b13ed8bf98dc5
openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: d85b636413b81b22034cfad9108afdee
 
x86_64:
openoffice.org-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 2e662811db76f31ffc23ec85080d74c1
openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 0ca0fdf8e2f5435e710b13ed8bf98dc5
openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: d85b636413b81b22034cfad9108afdee
 
Red Hat Enterprise Linux ES (v. 4)

IA-32:
openoffice.org-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 58136d975b1e19a616049245688b6c8f
openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 741aae622743c8f907d12741cb3dc4d0
openoffice.org-kde-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: e8bc252c443cc6c3d7587818740ec704
openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: dc77923685fb1fb7048eb7ce49772dcf
 
x86_64:
openoffice.org-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 58136d975b1e19a616049245688b6c8f
openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 741aae622743c8f907d12741cb3dc4d0
openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: dc77923685fb1fb7048eb7ce49772dcf
 
Red Hat Enterprise Linux WS (v. 3)

IA-32:
openoffice.org-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 2e662811db76f31ffc23ec85080d74c1
openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 0ca0fdf8e2f5435e710b13ed8bf98dc5
openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: d85b636413b81b22034cfad9108afdee
 
x86_64:
openoffice.org-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 2e662811db76f31ffc23ec85080d74c1
openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: 0ca0fdf8e2f5435e710b13ed8bf98dc5
openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm
File outdated by:  RHSA-2010:0643
    MD5: d85b636413b81b22034cfad9108afdee
 
Red Hat Enterprise Linux WS (v. 4)

IA-32:
openoffice.org-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 58136d975b1e19a616049245688b6c8f
openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 741aae622743c8f907d12741cb3dc4d0
openoffice.org-kde-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: e8bc252c443cc6c3d7587818740ec704
openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: dc77923685fb1fb7048eb7ce49772dcf
 
x86_64:
openoffice.org-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 58136d975b1e19a616049245688b6c8f
openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: 741aae622743c8f907d12741cb3dc4d0
openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm
File outdated by:  RHSA-2011:0181
    MD5: dc77923685fb1fb7048eb7ce49772dcf
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

196679 - CVE-2006-2198 various OOo advisories (CVE-2006-2199, CVE-2006-3117)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/