Welcome to NeoOffice developer notes and announcements
NeoOffice
Developer notes and announcements
 
 

This website is an archive and is no longer active
NeoOffice announcements have moved to the NeoOffice News website


Support
· Forums
· NeoOffice Support
· NeoWiki


Announcements
· Twitter @NeoOffice


Downloads
· Download NeoOffice


  
NeoOffice :: View topic - Vulnerability in OpenOffice
Vulnerability in OpenOffice
 
   NeoOffice Forum Index -> Random Whatnot
View previous topic :: View next topic  
Author Message
K-9
The Merovingian


Joined: Mar 15, 2006
Posts: 571
Location: U.S.
PostPosted: Thu Aug 28, 2008 12:14 pm    Post subject: Vulnerability in OpenOffice
just saw this:


http://www.heise-online.co.uk/open/Vulnerability-in-OpenOffice--/news/111422

Vulnerability in OpenOffice

The current version of OpenOffice reportedly contains a security flaw that allows attackers to inject code into a system. The problem apparently only affects the 64-bit version of the office suite. No official patched version is currently available because the 64-bit binary releases only come from Linux distributors, not from developers.
The flaw has, however, already been remedied in the repositories of OpenOffice. Red Hat was one of the first distributors to publish new packages for 64-bit versions under RHEL Desktop Workstation V5 Client and Red Hat Enterprise Linux Desktop V5.
The vulnerability is the result of a flaw in the function rtl_allocateMemory on 64-bit systems; the function is designed to allow for access to memory outside of a defined array. The problem can reportedly be prevented during compilation by adding the option --with-alloc=system.
Back to top
Samwise
Captain Naiobi


Joined: Apr 25, 2006
Posts: 2315
Location: Montpellier, France
PostPosted: Thu Aug 28, 2008 12:22 pm    Post subject:
NeoOfficce is not affected for two reasons:

- NeoOffice is only released in 32-bit "flavor";

- more importantly, NeoOffice doesn't use the OpenOffice.org memory allocation code which is affected by the flaw (IIRC);
Back to top
K-9
The Merovingian


Joined: Mar 15, 2006
Posts: 571
Location: U.S.
PostPosted: Thu Aug 28, 2008 12:44 pm    Post subject:
Ok - I had no clue but I figured I'd post it just in case... if you want - delete this thread please.
Back to top
Display posts from previous:   
   NeoOffice Forum Index -> Random Whatnot All times are GMT - 7 Hours
Page 1 of 1

 
 You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum

Powered by phpBB © 2001, 2005 phpBB Group

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © Planamesa Inc.
NeoOffice is a registered trademark of Planamesa Inc. and may not be used without permission.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.