Please read this before reporting a bug:
http://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines
Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
http://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines
Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#42982 - [antiword] buffer overflow (CVE-2014-8123)
Attached to Project:
Community Packages
Opened by Remi Gacogne (rgacogne) - Tuesday, 02 December 2014, 08:52 GMT
Last edited by Lukas Fleischer (lfleischer) - Wednesday, 03 December 2014, 23:10 GMT
Opened by Remi Gacogne (rgacogne) - Tuesday, 02 December 2014, 08:52 GMT
Last edited by Lukas Fleischer (lfleischer) - Wednesday, 03 December 2014, 23:10 GMT
|
DetailsA buffer overflow has been found in antiword <= 0.37 [1]. While the issue has been acknowledge and the patch accepted, it does not seem that a new release will be issued soon. I believe we might want to backport the fix.
[1] http://seclists.org/oss-sec/2014/q4/874 |
This task depends upon
Closed by Lukas Fleischer (lfleischer)
Wednesday, 03 December 2014, 23:10 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in 0.37-5.
Wednesday, 03 December 2014, 23:10 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in 0.37-5.