Debian liberó una actualización para koffice. Esta repara una vulnerabilidad que puede explotarse para comprometer el sistema de un usuario.
Debian Security Advisory
DSA-872-1 koffice
Debian GNU/Linux 3.1 alias sarge | KOffice | < | 1.3.5-4.sarge.1 |
Debian GNU/Linux unstable alias sid | KOffice | < | 1.3.5-5 |
Debian liberó una actualización para koffice. Esta repara una vulnerabilidad que puede explotarse por personas maliciosas para comprometer el sistema de un usuario.
Chris Evans encontró un desbordamiento de memoria en el modulo de importación de archivos RTF de KOffice. Un atacante puede explotarlo para ejecutar código arbitrario con los privilegios del usuario AbiWord, engañando al usuario a abrir un archivo RTF malicioso.
Ver:
Buffer Overflow en el importador de archivos RTF en KWord de KOffice.
http://www.seguridad.unam.mx/vulnerabilidadesDB-vulne=4835
Acceso al sistema.
Aplicar la actualización correspondiente.
-- Debian GNU/Linux 3.1 alias sarge --
Código fuente:
http://security.debian.org/pool/updates/main/k/koffice/koffice_1.3.5-4.sarge.1.dsc
http://security.debian.org/pool/updates/main/k/koffice/koffice_1.3.5-4.sarge.1.diff.gz
http://security.debian.org/pool/updates/main/k/koffice/koffice_1.3.5.orig.tar.gz
Componentes para arquitectura independiente:
http://security.debian.org/pool/updates/main/k/koffice/kivio-data_1.3.5-4.sarge.1_all.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-data_1.3.5-4.sarge.1_all.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-doc-html_1.3.5-4.sarge.1_all.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice_1.3.5-4.sarge.1_all.deb
Alpha:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_amd64.deb
ARM:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_arm.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_ia64.deb
HPPA:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_hppa.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_m68k.deb
Big endian MIPS:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_mips.deb
Little endian MIPS:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/k/koffice/karbon_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/kchart_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/kformula_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/kivio_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/koshell_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/kspread_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/kugar_1.3.5-4.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/k/koffice/kword_1.3.5-4.sarge.1_sparc.deb
Mayor información.
http://www.debian.org/security/2005/dsa-872La Coordinación de Seguridad de la Información/UNAM-CERT agradece el apoyo en la elaboración ó traducción y revisión de éste Documento a:
UNAM-CERT
Equipo de Respuesta a Incidentes UNAM
Coordinación de Seguridad de la Información
incidentes at seguridad.unam.mx
phishing at seguridad.unam.mx
http://www.cert.org.mx
http://www.seguridad.unam.mx
ftp://ftp.seguridad.unam.mx
Tel: 56 22 81 69
Fax: 56 22 80 47
Aviso legal |
Créditos |
Staff |
Administración
Copyright © Todos los derechos reservados
UNAM - CERT