You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openoffice.apache.org by pe...@apache.org on 2019/01/14 20:50:54 UTC
svn commit: r1851294 - in /openoffice/ooo-site/trunk/content/security:
bulletin.html cves/CVE-2018-11790.html
Author: petko
Date: Mon Jan 14 20:50:54 2019
New Revision: 1851294
URL: http://svn.apache.org/viewvc?rev=1851294&view=rev
Log:
update bulletin with CVE-2018-11790
Added:
openoffice/ooo-site/trunk/content/security/cves/CVE-2018-11790.html (with props)
Modified:
openoffice/ooo-site/trunk/content/security/bulletin.html
Modified: openoffice/ooo-site/trunk/content/security/bulletin.html
URL: http://svn.apache.org/viewvc/openoffice/ooo-site/trunk/content/security/bulletin.html?rev=1851294&r1=1851293&r2=1851294&view=diff
==============================================================================
--- openoffice/ooo-site/trunk/content/security/bulletin.html (original)
+++ openoffice/ooo-site/trunk/content/security/bulletin.html Mon Jan 14 20:50:54 2019
@@ -24,66 +24,66 @@
<h3>Fixed in Apache OpenOffice 4.1.6</h3>
<ul>
-<li><em>OpenOffice 4.1.6 fixes security vulnerabilities. As usual, details about fixed vulnerabilities will be made public a few weeks after release.</em></li>
-</ul>
+ <li><a href="cves/CVE-2018-11790.html">CVE-2018-11790</a>: Arithmetic overflow and wrap around during string length calculation </li>
+</ul>
<h3>Fixed in Apache OpenOffice 4.1.5</h3>
<ul>
-<li>No security vulnerabilities fixed in this release</li>
+ <li>No security vulnerabilities fixed in this release</li>
</ul>
<h3>Fixed in Apache OpenOffice 4.1.4</h3>
<ul>
-<li><a href="cves/CVE-2017-3157.html">CVE-2017-3157</a>: Arbitrary file disclosure in Calc and Writer</li>
-<li><a href="cves/CVE-2017-9806.html">CVE-2017-9806</a>: Out-of-Bounds Write in Writer's WW8Fonts Constructor</li>
-<li><a href="cves/CVE-2017-12607.html">CVE-2017-12607</a>: Out-of-Bounds Write in Impress' PPT Filter</li>
-<li><a href="cves/CVE-2017-12608.html">CVE-2017-12608</a>: Out-of-Bounds Write in Writer's ImportOldFormatStyles</li>
+ <li><a href="cves/CVE-2017-3157.html">CVE-2017-3157</a>: Arbitrary file disclosure in Calc and Writer</li>
+ <li><a href="cves/CVE-2017-9806.html">CVE-2017-9806</a>: Out-of-Bounds Write in Writer's WW8Fonts Constructor</li>
+ <li><a href="cves/CVE-2017-12607.html">CVE-2017-12607</a>: Out-of-Bounds Write in Impress' PPT Filter</li>
+ <li><a href="cves/CVE-2017-12608.html">CVE-2017-12608</a>: Out-of-Bounds Write in Writer's ImportOldFormatStyles</li>
</ul>
<h3>Fixed in Apache OpenOffice 4.1.3</h3>
<ul>
-<li><a href="cves/CVE-2016-1513.html">CVE-2016-1513</a>: Memory Corruption Vulnerability (Impress Presentations)</li>
-<li><a href="cves/CVE-2016-6803.html">CVE-2016-6803</a>: Windows Installer Can Enable Privileged Trojan Execution</li>
-<li><a href="cves/CVE-2016-6804.html">CVE-2016-6804</a>: Windows Installer Execution of Arbitrary Code with Elevated Privileges</li>
+ <li><a href="cves/CVE-2016-1513.html">CVE-2016-1513</a>: Memory Corruption Vulnerability (Impress Presentations)</li>
+ <li><a href="cves/CVE-2016-6803.html">CVE-2016-6803</a>: Windows Installer Can Enable Privileged Trojan Execution</li>
+ <li><a href="cves/CVE-2016-6804.html">CVE-2016-6804</a>: Windows Installer Execution of Arbitrary Code with Elevated Privileges</li>
</ul>
<h3>Fixed in Apache OpenOffice 4.1.2</h3>
<ul>
-<li><a href="cves/CVE-2015-1774.html">CVE-2015-1774</a>: Out-of-Bounds Write in HWP File Filter</li>
-<li><a href="cves/CVE-2015-4551.html">CVE-2015-4551</a>: Targeted Data Disclosure</li>
-<li><a href="cves/CVE-2015-5212.html">CVE-2015-5212</a>: ODF Printer Settings Vulnerability</li>
-<li><a href="cves/CVE-2015-5213.html">CVE-2015-5213</a>: .DOC Document Vulnerability</li>
-<li><a href="cves/CVE-2015-5214.html">CVE-2015-5214</a>: .DOC Bookmarks Vulnerability</li>
+ <li><a href="cves/CVE-2015-1774.html">CVE-2015-1774</a>: Out-of-Bounds Write in HWP File Filter</li>
+ <li><a href="cves/CVE-2015-4551.html">CVE-2015-4551</a>: Targeted Data Disclosure</li>
+ <li><a href="cves/CVE-2015-5212.html">CVE-2015-5212</a>: ODF Printer Settings Vulnerability</li>
+ <li><a href="cves/CVE-2015-5213.html">CVE-2015-5213</a>: .DOC Document Vulnerability</li>
+ <li><a href="cves/CVE-2015-5214.html">CVE-2015-5214</a>: .DOC Bookmarks Vulnerability</li>
</ul>
<h3>Fixed in Apache OpenOffice 4.1.1</h3>
<ul>
-<li><a href="cves/CVE-2014-3575.html">CVE-2014-3575</a>: Targeted Data Exposure Using Crafted OLE Objects in Apache OpenOffice</li>
-<li><a href="cves/CVE-2014-3524.html">CVE-2014-3524</a>: Calc Command Injection Vulnerability in Apache OpenOffice</li>
+ <li><a href="cves/CVE-2014-3575.html">CVE-2014-3575</a>: Targeted Data Exposure Using Crafted OLE Objects in Apache OpenOffice</li>
+ <li><a href="cves/CVE-2014-3524.html">CVE-2014-3524</a>: Calc Command Injection Vulnerability in Apache OpenOffice</li>
</ul>
<h3>Fixed in Apache OpenOffice 4.0.0</h3>
<ul>
-<li><a href="cves/CVE-2013-2189.html">CVE-2013-2189</a>: DOC Memory Corruption Vulnerability in Apache OpenOffice</li>
-<li><a href="cves/CVE-2013-4156.html">CVE-2013-4156</a>: DOCM Memory Corruption Vulnerability in Apache OpenOffice</li>
+ <li><a href="cves/CVE-2013-2189.html">CVE-2013-2189</a>: DOC Memory Corruption Vulnerability in Apache OpenOffice</li>
+ <li><a href="cves/CVE-2013-4156.html">CVE-2013-4156</a>: DOCM Memory Corruption Vulnerability in Apache OpenOffice</li>
</ul>
<h3>Fixed in Apache OpenOffice 3.4.1</h3>
<ul>
-<li><a href="cves/CVE-2012-2665.html">CVE-2012-2665</a>: Manifest-processing errors in Apache OpenOffice 3.4.0</li>
-<li><a href="cves/CVE-2013-1571.html">CVE-2013-1571</a>: Frame Injection Vulnerability in SDK JavaDoc</li>
+ <li><a href="cves/CVE-2012-2665.html">CVE-2012-2665</a>: Manifest-processing errors in Apache OpenOffice 3.4.0</li>
+ <li><a href="cves/CVE-2013-1571.html">CVE-2013-1571</a>: Frame Injection Vulnerability in SDK JavaDoc</li>
</ul>
<h3>Fixed in Apache OpenOffice 3.4.0</h3>
<ul>
-<li><a href="cves/CVE-2012-1149.html">CVE-2012-1149</a>: OpenOffice.org integer overflow error in vclmi.dll module when allocating
+ <li><a href="cves/CVE-2012-1149.html">CVE-2012-1149</a>: OpenOffice.org integer overflow error in vclmi.dll module when allocating
memory for an embedded image object</li>
-<li><a href="cves/CVE-2012-2149.html">CVE-2012-2149</a>: OpenOffice.org memory overwrite vulnerability</li>
-<li><a href="cves/CVE-2012-2334.html">CVE-2012-2334</a>: Vulnerabilities related to
-malformed Powerpoint files in OpenOffice.org 3.3.0</li>
+ <li><a href="cves/CVE-2012-2149.html">CVE-2012-2149</a>: OpenOffice.org memory overwrite vulnerability</li>
+ <li><a href="cves/CVE-2012-2334.html">CVE-2012-2334</a>: Vulnerabilities related to
+ malformed Powerpoint files in OpenOffice.org 3.3.0</li>
</ul>
- <h3>Patches for OpenOffice.org 3.3</h3>
+<h3>Patches for OpenOffice.org 3.3</h3>
<ul>
<li><a href="cves/CVE-2012-0037.html">CVE-2012-0037</a>: OpenOffice.org data leakage vulnerability</li>
Added: openoffice/ooo-site/trunk/content/security/cves/CVE-2018-11790.html
URL: http://svn.apache.org/viewvc/openoffice/ooo-site/trunk/content/security/cves/CVE-2018-11790.html?rev=1851294&view=auto
==============================================================================
--- openoffice/ooo-site/trunk/content/security/cves/CVE-2018-11790.html (added)
+++ openoffice/ooo-site/trunk/content/security/cves/CVE-2018-11790.html Mon Jan 14 20:50:54 2019
@@ -0,0 +1,106 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <title>CVE-2018-11790</title>
+ <style type="text/css"></style>
+ </head>
+
+ <body>
+ <p>
+ <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-11790">
+ CVE-2018-11790
+ </a>
+ </p>
+ <p>
+ <a href="https://www.openoffice.org/security/cves/CVE-2018-11790.html">
+ Apache OpenOffice Advisory
+ </a>
+ </p>
+
+ <p style="text-align:center; font-size:largest">
+ <strong>CVE-2018-11790 Arithmetic overflow and wrap around during
+ sting length calculation
+ </strong>
+ </p>
+
+ <p style="text-align:center; font-size:larger">
+ <strong>Fixed in Apache OpenOffice 4.1.6</strong>
+ </p>
+
+ <p><strong>Description</strong></p>
+
+
+ <p> When loading a document with smaller end line termination then the
+ operating system uses, the defect occurs.
+ In this case OpenOffice runs into an Arithmetic Overflow at a string
+ length calculation.
+ </p>
+
+ <p><strong>Severity: Medium</strong></p>
+
+ <p>There are no known exploits of this vulnerability.<br />
+ A proof-of-concept demonstration exists.</br>
+ <a href=https://ssd-disclosure.com/index.php/archives/3758>
+ ssd-disclosure
+ </a>
+ </p>
+
+ <p>Thanks to the reporter for discovering this issue.</p>
+
+ <p>
+ <strong>Vendor: The Apache Software Foundation</strong>
+ </p>
+
+ <p>
+ <strong>Versions Affected</strong>
+ </p>
+
+ <p>
+ All Apache OpenOffice versions 4.1.5 and older are affected.<br />
+ OpenOffice.org versions are also affected.
+ </p>
+
+ <p>
+ <strong>Mitigation</strong>
+ </p>
+
+ <p>
+ Install Apache OpenOffice 4.1.6 for the latest maintenance and
+ cumulative security fixes. Use the Apache OpenOffice
+ <a href="https://www.openoffice.org/download/">download page</a>.
+ </p>
+
+ <p>
+ <strong>Further Information</strong>
+ </p>
+ <p>For additional information and assistance, consult the
+ <a href="https://forum.openoffice.org/">
+ Apache OpenOffice Community Forums
+ </a>
+ or make requests to the
+ <a href="mailto:users@openoffice.apache.org">
+ users@openoffice.apache.org
+ </a>
+ public mailing list.
+ </p>
+ <p>The latest information on Apache OpenOffice security bulletins
+ can be found at the
+ <a href="https://www.openoffice.org/security/bulletin.html">
+ Bulletin Archive page
+ </a>.
+ </p>
+
+
+ <hr />
+
+ <p>
+ <a href="http://security.openoffice.org">Security Home</a> ->
+ <a href="http://www.openoffice.org/security/bulletin.html">
+ Bulletin
+ </a> ->
+ <a href="https://www.openoffice.org/security/cves/CVE-2018-11790.html">
+ CVE-2018-11790
+ </a>
+ </p>
+ </body>
+</html>
Propchange: openoffice/ooo-site/trunk/content/security/cves/CVE-2018-11790.html
------------------------------------------------------------------------------
svn:eol-style = native