Subject: CVS commit: [pkgsrc-2008Q1] pkgsrc/misc/openoffice2-bin
From: Tyler R. Retzlaff
Date: 2008-04-22 16:29:57
Message id: 20080422142957.27616175D7@cvs.netbsd.org
Log Message:
pullup ticket #2345 - requested by tron
vixes several security vulnerabilities

Revisions pulled up:
- pkgsrc/misc/openoffice2-bin/Makefile	1.35
- pkgsrc/misc/openoffice2-bin/distinfo	1.14

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Sun Apr 20 13:17:55 UTC 2008

   Modified Files:
   	pkgsrc/misc/openoffice2-bin: Makefile distinfo

   Log Message:
   Update "openoffice2-bin" package to version 2.4.0. This update fixes
   the following security vulnerabilities:
   - CVE-2007-4770/4771: Manipulated ODF text documents containing XForms can
    lead to heap overflows and arbitrary code execution
   - CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap
    overflows and arbitrary code execution
   - CVE-2007-5746: Manipulated EMF files can lead to heap overflows and
    arbitrary code execution
   - CVE-2008-0320: Manipulated OLE files can lead to heap overflows and
    arbitrary code execution
Files:
RevisionActionfile
1.34.4.1modifypkgsrc/misc/openoffice2-bin/Makefile
1.13.4.1modifypkgsrc/misc/openoffice2-bin/distinfo