rpms/openoffice.org/FC-5 openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch, NONE, 1.1 openoffice.org.spec, 1.687, 1.688
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Jun 1 11:16:40 UTC 2007
Author: caolanm
Update of /cvs/dist/rpms/openoffice.org/FC-5
In directory cvs.devel.redhat.com:/tmp/cvs-serv1710
Modified Files:
openoffice.org.spec
Added Files:
openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch
Log Message:
openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch
openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch:
source/filter/rtf/swparrtf.cxx | 0
sw/source/filter/rtf/swparrtf.cxx | 25 ++++++-------------------
2 files changed, 6 insertions(+), 19 deletions(-)
--- NEW FILE openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch ---
Index: source/filter/rtf/swparrtf.cxx
===================================================================
RCS file: /cvs/sw/sw/source/filter/rtf/swparrtf.cxx,v
retrieving revision 1.64.36.1
diff -u -r1.64.36.1 swparrtf.cxx
--- openoffice.org.orig/sw/source/filter/rtf/swparrtf.cxx 1 Feb 2007 18:23:13 -0000 1.64.36.1
+++ openoffice.org/sw/source/filter/rtf/swparrtf.cxx 7 Apr 2007 11:03:07 -0000
@@ -3684,25 +3684,12 @@
void SwRTFParser::ReadPrtData()
{
- // der Eingabe Stream steht auf der aktuellen Position
- USHORT nLen = USHORT( nTokenValue ), nCnt = 0;
- BYTE * pData = new BYTE[ nLen ];
-
- while( IsParserWorking() ) // lese bis zur schliessenden Klammer
- {
- int nToken = GetNextToken();
- if( RTF_TEXTTOKEN == nToken )
- {
- xub_StrLen nTknLen = HexToBin( aToken );
- if( STRING_NOTFOUND != nTknLen )
- {
- memcpy( pData + nCnt, (sal_Char*)aToken.GetBuffer(), nTknLen );
- nCnt += nTknLen;
- }
- }
- else if( '}' == nToken )
- break;
- }
+ while( IsParserWorking() )
+ {
+ int nToken = GetNextToken();
+ if( (RTF_TEXTTOKEN != nToken) && ('}' == nToken) )
+ break;
+ }
SkipToken( -1 ); // schliessende Klammer wieder zurueck!!
}
Index: openoffice.org.spec
===================================================================
RCS file: /cvs/dist/rpms/openoffice.org/FC-5/openoffice.org.spec,v
retrieving revision 1.687
retrieving revision 1.688
diff -u -r1.687 -r1.688
--- openoffice.org.spec 20 Feb 2007 14:23:33 -0000 1.687
+++ openoffice.org.spec 1 Jun 2007 11:16:38 -0000 1.688
@@ -1,6 +1,6 @@
%define oootag OOB680
%define ooomilestone 5
-%define rh_rpm_release 21
+%define rh_rpm_release 22
%define build_fc5 1
@@ -190,6 +190,7 @@
Patch62: openoffice.org-2.2.0.rh228008.escape.shell.patch
Patch63: openoffice.org-2.2.0.rh226966.scoverflow.sc.patch
Patch64: openoffice.org-2.0.4.ooo71039.svx.purevirtual.patch
+Patch65: openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch
%define instdir %{_libdir}/openoffice.org2.0
@@ -863,6 +864,7 @@
%patch62 -p1 -b .rh228008.escape.shell.patch
%patch63 -p1 -b .rh226966.scoverflow.sc.patch
%patch64 -p1 -b .ooo71039.svx.purevirtual.patch
+%patch65 -p1 -b .ooo77214.rtfprtdata.sw.patch
%if %{includingexternals}
#start ludicrous workaround
@@ -3308,6 +3310,9 @@
%{instdir}/share/registry/modules/org/openoffice/Office/Scripting/Scripting-python.xcu
%changelog
+* Fri Jun 01 2007 Caolan McNamara <caolanm at redhat.com> - 1:2.0.2-5.22
+- Resolves: CVE-2007-0245 ooo#77214 rtf prtdata
+
* Tue Feb 20 2007 Caolan McNamara <caolanm at redhat.com> - 1:2.0.2-5.21
- Resolves: CVE-2007-0239 rhbz#228008 shell escape
- Resolves: CVE-2007-0238 rhbz#226966 buffer overflows
More information about the fedora-cvs-commits
mailing list