[Whitebox-announce] [WBSA-2004:160-01] Updated OpenOffice packages fix security
vulnerability in neon
John Morris
jmorris@beau.org
Mon, 19 Apr 2004 20:57:59 -0500 (CDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ----------------------------------------------------------------------
Security Advisory
Synopsis: Updated OpenOffice packages fix security vulnerability in neon
Advisory ID: [WBSA-2004:160-01]
Issue date: 2004-04-14
Updated on: 2004-04-19
Product: White Box Enterprise Linux 3.0 (i386)
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0179
- ----------------------------------------------------------------------
NOTICE: This package is not just a security fix. RedHat has released
OpenOffice.org 1.1 as a patch for this security problem. Besides being a
new version, the name of the package has changed from openoffice to
openoffice.org so up2date over Yum will NOT automatically detect it. This
means you are going to have to manually obtain and install this errata.
Due to it's size, PLEASE use a mirror.
---------------
Updated OpenOffice packages that fix a vulnerability in neon exploitable
by a malicious DAV server are now available.
More information is available in Red Hat, Inc's original advisory
available on their site at:
http://www.redhat.com/archives/enterprise-watch-list/2004-April/msg00004.html
To install this new package on your White Box Enterprise Linux system
use the Up2Date Network or Yum.
Note: Be sure to change the default Up2Date or Yum server from the
initial location to prevent undue load to the whiteboxlinux.org
server, which doesn't have a lot of outbound bandwidth. The config
files already have entries for mirror sites commented out.
Up2Date's configuration file is at /etc/sysconfig/rhn/sources
Yum's configuration is in /etc/yum.conf
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Made with pgp4pine 1.76
iD8DBQFAhIOtqME6bvnsqA8RAn1IAKDMDkidNchCMRWMprAbY/3rns8tjACePCYR
nRr2RUxfhDszGXyd2pwciKU=
=Ns4m
-----END PGP SIGNATURE-----