List:       oss-security
Subject:    [oss-security] Re: Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrar
From:       Jan Lieskovsky <jlieskov () redhat ! com>
Date:       2012-05-29 8:26:46
Message-ID: 4FC48846.3030906 () redhat ! com

On 05/28/2012 05:09 PM, Jan Lieskovsky wrote:
> Hello Apache OpenOffice.org, LibreOffice Security Teams, vendors,
>
> originally the CVE-2012-2334 security flaw has been described as follows:
> [1] http://www.openoffice.org/security/cves/CVE-2012-2334.html
> [2] http://www.libreoffice.org/advisories/cve-2012-2334/
>
> during internal audit of relevant upstream patches:
> [3] http://cgit.freedesktop.org/libreoffice/core/commit/?id=28a6558f9d3ca2dda3191f8b5b3f2378ee2533da
> [4] http://cgit.freedesktop.org/libreoffice/core/commit/?id=512401decb286ba0fc3031939b8f7de8649c502e
>
> it has been observed by Florian Weimer that the [4] patch also corrected
> an integer overflow, being present in the SvxMSDffManager::GetFidclData()
> routine, which might lead under certain circumstances to possibility
> of arbitrary code execution too.
>
> Updated CVE-2012-2334 flaw description is at:
> [5] https://bugzilla.redhat.com/show_bug.cgi?id=821803#c0
>
> This post is intended to serve as a kind request to OpenOffice.org and
> LibreOffice upstream to update their corresponding advisories
> ([1], [2]) to reflect this fact.
>
> For what is related against upstream patches -- upon testing we can confirm,
> the original ones were complete and this is in no way a new security flaw.
>
> But something, which got corrected upstream in previous release(s), and
> should mention possibility of arbitrary code execution too in order to properly
> describe this deficiency.
>
> OpenOffice.org / LibreOffice upstreams - please update your advisories to
> reflect this if possible yet.
>
> OSS vendors, please note this notification (in case you previously categorized
> the fix for the CVE-2012-2334 flaw as something to be postponed due to lower
> impact).

Hello Apache OpenOffice.org, LibreOffice Security Teams, vendors,

   updating the credit information so that it reads more correctly / appropriately:

>
> Credit for the discovery should go to: Florian Weimer of Red Hat

The above should have read as:
"Florian Weimer, Red Hat Product Security Team"

Please use this new / latter form in your advisories.

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

>
> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team
>
> P.S.: Would you need further background details due this, contact me or
> Florian off list.
>
