Issued:
2007-03-16
Updated:
2007-03-16

RHSA-2007:0055 - Security Advisory

Synopsis

Important: libwpd security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated libwpd packages to correct a security issue are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

libwpd is a library for reading and converting Word Perfect documents.

iDefense reported several overflow bugs in libwpd. An attacker could
create a carefully crafted Word Perfect file that could cause an
application linked with libwpd, such as OpenOffice, to crash or possibly
execute arbitrary code if the file was opened by a victim. (CVE-2007-0002)

All users are advised to upgrade to these updated packages, which contain a
backported fix for this issue.

Red Hat would like to thank Fridrich Strba for alerting us to these issues
and providing a patch.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

Red Hat Enterprise Linux Server 5

SRPM
libwpd-0.8.7-3.el5.src.rpm SHA-256: 68d5f22caee6d49310032888ee9ea8343a63e09a9555ab1ea3861a407b845fc6
x86_64
libwpd-0.8.7-3.el5.i386.rpm SHA-256: 6395d852aafd64f3a5189a808bad14163a74fd8bf94196c5c7f67bd63df8627f
libwpd-0.8.7-3.el5.x86_64.rpm SHA-256: bfe5632959be3b36f613e1e526b9447a3b525ec18ac23971159d01859163fec6
libwpd-devel-0.8.7-3.el5.i386.rpm SHA-256: c2574c89e28398a6dc409563d373484e9cb390f94a80706a52d596acf3e635f2
libwpd-devel-0.8.7-3.el5.x86_64.rpm SHA-256: 1040f5b72fa4644afef4712fe8cbb89fa874453346d9a529c0c42dc53b3da288
libwpd-tools-0.8.7-3.el5.x86_64.rpm SHA-256: 29cc7b0f2c5a60049e641828d226d91a2acb14d328f60b25587caf02ad69de2a
i386
libwpd-0.8.7-3.el5.i386.rpm SHA-256: 6395d852aafd64f3a5189a808bad14163a74fd8bf94196c5c7f67bd63df8627f
libwpd-devel-0.8.7-3.el5.i386.rpm SHA-256: c2574c89e28398a6dc409563d373484e9cb390f94a80706a52d596acf3e635f2
libwpd-tools-0.8.7-3.el5.i386.rpm SHA-256: 0f590f757c86fa729561925d19511d3ac1099bbb1d8550f792df3a3273bf5e39

Red Hat Enterprise Linux Workstation 5

SRPM
libwpd-0.8.7-3.el5.src.rpm SHA-256: 68d5f22caee6d49310032888ee9ea8343a63e09a9555ab1ea3861a407b845fc6
x86_64
libwpd-0.8.7-3.el5.i386.rpm SHA-256: 6395d852aafd64f3a5189a808bad14163a74fd8bf94196c5c7f67bd63df8627f
libwpd-0.8.7-3.el5.x86_64.rpm SHA-256: bfe5632959be3b36f613e1e526b9447a3b525ec18ac23971159d01859163fec6
libwpd-devel-0.8.7-3.el5.i386.rpm SHA-256: c2574c89e28398a6dc409563d373484e9cb390f94a80706a52d596acf3e635f2
libwpd-devel-0.8.7-3.el5.x86_64.rpm SHA-256: 1040f5b72fa4644afef4712fe8cbb89fa874453346d9a529c0c42dc53b3da288
libwpd-tools-0.8.7-3.el5.x86_64.rpm SHA-256: 29cc7b0f2c5a60049e641828d226d91a2acb14d328f60b25587caf02ad69de2a
i386
libwpd-0.8.7-3.el5.i386.rpm SHA-256: 6395d852aafd64f3a5189a808bad14163a74fd8bf94196c5c7f67bd63df8627f
libwpd-devel-0.8.7-3.el5.i386.rpm SHA-256: c2574c89e28398a6dc409563d373484e9cb390f94a80706a52d596acf3e635f2
libwpd-tools-0.8.7-3.el5.i386.rpm SHA-256: 0f590f757c86fa729561925d19511d3ac1099bbb1d8550f792df3a3273bf5e39

Red Hat Enterprise Linux Desktop 5

SRPM
libwpd-0.8.7-3.el5.src.rpm SHA-256: 68d5f22caee6d49310032888ee9ea8343a63e09a9555ab1ea3861a407b845fc6
x86_64
libwpd-0.8.7-3.el5.i386.rpm SHA-256: 6395d852aafd64f3a5189a808bad14163a74fd8bf94196c5c7f67bd63df8627f
libwpd-0.8.7-3.el5.x86_64.rpm SHA-256: bfe5632959be3b36f613e1e526b9447a3b525ec18ac23971159d01859163fec6
libwpd-tools-0.8.7-3.el5.x86_64.rpm SHA-256: 29cc7b0f2c5a60049e641828d226d91a2acb14d328f60b25587caf02ad69de2a
i386
libwpd-0.8.7-3.el5.i386.rpm SHA-256: 6395d852aafd64f3a5189a808bad14163a74fd8bf94196c5c7f67bd63df8627f
libwpd-tools-0.8.7-3.el5.i386.rpm SHA-256: 0f590f757c86fa729561925d19511d3ac1099bbb1d8550f792df3a3273bf5e39

Red Hat Enterprise Linux Server from RHUI 5

SRPM
libwpd-0.8.7-3.el5.src.rpm SHA-256: 68d5f22caee6d49310032888ee9ea8343a63e09a9555ab1ea3861a407b845fc6
x86_64
libwpd-0.8.7-3.el5.i386.rpm SHA-256: 6395d852aafd64f3a5189a808bad14163a74fd8bf94196c5c7f67bd63df8627f
libwpd-0.8.7-3.el5.x86_64.rpm SHA-256: bfe5632959be3b36f613e1e526b9447a3b525ec18ac23971159d01859163fec6
libwpd-devel-0.8.7-3.el5.i386.rpm SHA-256: c2574c89e28398a6dc409563d373484e9cb390f94a80706a52d596acf3e635f2
libwpd-devel-0.8.7-3.el5.x86_64.rpm SHA-256: 1040f5b72fa4644afef4712fe8cbb89fa874453346d9a529c0c42dc53b3da288
libwpd-tools-0.8.7-3.el5.x86_64.rpm SHA-256: 29cc7b0f2c5a60049e641828d226d91a2acb14d328f60b25587caf02ad69de2a
i386
libwpd-0.8.7-3.el5.i386.rpm SHA-256: 6395d852aafd64f3a5189a808bad14163a74fd8bf94196c5c7f67bd63df8627f
libwpd-devel-0.8.7-3.el5.i386.rpm SHA-256: c2574c89e28398a6dc409563d373484e9cb390f94a80706a52d596acf3e635f2
libwpd-tools-0.8.7-3.el5.i386.rpm SHA-256: 0f590f757c86fa729561925d19511d3ac1099bbb1d8550f792df3a3273bf5e39

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.