SuSE Local Security Checks : openSUSE: Security Advisory for calligra (openSUSE-SU-2012:1061-1)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.850417

Kategorie: SuSE Local Security Checks

Titel: openSUSE: Security Advisory for calligra (openSUSE-SU-2012:1061-1)

Zusammenfassung: The remote host is missing an update for the 'calligra'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'calligra'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Fix buffer overflow in MS Word ODF filter among other
non-security related bugs.

Also a version update to 2.4.3 happened:

* Words:

- Always show vertical scroll bar to avoid race
condition (kde#301076)

- Do not save with an attribute that makes LibreOffice
and OpenOffice crash (kde#298689 )

* Kexi:

- Fixed import from csv when Start at Line value
changed (kde#302209)

- Set limit to 255 characters for Text type (VARCHAR)
(kde#301277 and 301136)
+ - Remove limits for Text data type, leave as option
(kde#301277)

- Fixed data saving when focus policy for one of
widgets is NoFocus (kde#301109)

* Krita:

- Read and set the resolution for psd images

* Charts:

- Fix load/save styles of all shapes
(title, subtitle, axistitles, footer, etc.)

- Lines in the chart should be displayed (kde#271771)

- Combined Bar and Line Charts only show bars
(Trendlines not supported) (kde#288537)

- Load/save chart type for each dataset (kde#271771 and
288537)

Affected Software/OS:
calligra on openSUSE 12.2

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-3456
BugTraq ID: 54816
http://www.securityfocus.com/bid/54816
HPdes Security Advisory: HPSBMU02873
http://marc.info/?l=bugtraq&m=136733075705494&w=2
HPdes Security Advisory: SSRT101182
http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf
http://www.openwall.com/lists/oss-security/2012/08/04/1
http://www.openwall.com/lists/oss-security/2012/08/04/5
http://www.openwall.com/lists/oss-security/2012/08/06/1
http://www.openwall.com/lists/oss-security/2012/08/06/6
http://www.openwall.com/lists/oss-security/2012/08/10/1
http://secunia.com/advisories/50050
SuSE Security Announcement: openSUSE-SU-2012:1061 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00026.html
http://www.ubuntu.com/usn/USN-1525-1
XForce ISS Database: calligra-styles-bo(77482)
https://exchange.xforce.ibmcloud.com/vulnerabilities/77482

Copyright Copyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.850417
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for calligra (openSUSE-SU-2012:1061-1)
Zusammenfassung:	The remote host is missing an update for the 'calligra'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'calligra' package(s) announced via the referenced advisory. Vulnerability Insight: Fix buffer overflow in MS Word ODF filter among other non-security related bugs. Also a version update to 2.4.3 happened: * Words: - Always show vertical scroll bar to avoid race condition (kde#301076) - Do not save with an attribute that makes LibreOffice and OpenOffice crash (kde#298689 ) * Kexi: - Fixed import from csv when Start at Line value changed (kde#302209) - Set limit to 255 characters for Text type (VARCHAR) (kde#301277 and 301136) + - Remove limits for Text data type, leave as option (kde#301277) - Fixed data saving when focus policy for one of widgets is NoFocus (kde#301109) * Krita: - Read and set the resolution for psd images * Charts: - Fix load/save styles of all shapes (title, subtitle, axistitles, footer, etc.) - Lines in the chart should be displayed (kde#271771) - Combined Bar and Line Charts only show bars (Trendlines not supported) (kde#288537) - Load/save chart type for each dataset (kde#271771 and 288537) Affected Software/OS: calligra on openSUSE 12.2 Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3456 BugTraq ID: 54816 http://www.securityfocus.com/bid/54816 HPdes Security Advisory: HPSBMU02873 http://marc.info/?l=bugtraq&m=136733075705494&w=2 HPdes Security Advisory: SSRT101182 http://media.blackhat.com/bh-us-12/Briefings/C_Miller/BH_US_12_Miller_NFC_attack_surface_WP.pdf http://www.openwall.com/lists/oss-security/2012/08/04/1 http://www.openwall.com/lists/oss-security/2012/08/04/5 http://www.openwall.com/lists/oss-security/2012/08/06/1 http://www.openwall.com/lists/oss-security/2012/08/06/6 http://www.openwall.com/lists/oss-security/2012/08/10/1 http://secunia.com/advisories/50050 SuSE Security Announcement: openSUSE-SU-2012:1061 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00026.html http://www.ubuntu.com/usn/USN-1525-1 XForce ISS Database: calligra-styles-bo(77482) https://exchange.xforce.ibmcloud.com/vulnerabilities/77482
Copyright	Copyright (C) 2013 Greenbone Networks GmbH