rpms/openoffice.org/F-7 openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch, NONE, 1.1 openoffice.org.spec, 1.1177, 1.1178
Caolan McNamara (caolanm)
fedora-extras-commits at redhat.com
Fri Jun 1 11:41:26 UTC 2007
Author: caolanm
Update of /cvs/pkgs/rpms/openoffice.org/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14693
Modified Files:
openoffice.org.spec
Added Files:
openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch
Log Message:
Resolves: CVE-2007-0245
openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch:
--- NEW FILE openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch ---
Index: source/filter/rtf/swparrtf.cxx
===================================================================
RCS file: /cvs/sw/sw/source/filter/rtf/swparrtf.cxx,v
retrieving revision 1.64.36.1
diff -u -r1.64.36.1 swparrtf.cxx
--- openoffice.org.orig/sw/source/filter/rtf/swparrtf.cxx 1 Feb 2007 18:23:13 -0000 1.64.36.1
+++ openoffice.org/sw/source/filter/rtf/swparrtf.cxx 7 Apr 2007 11:03:07 -0000
@@ -3684,25 +3684,12 @@
void SwRTFParser::ReadPrtData()
{
- // der Eingabe Stream steht auf der aktuellen Position
- USHORT nLen = USHORT( nTokenValue ), nCnt = 0;
- BYTE * pData = new BYTE[ nLen ];
-
- while( IsParserWorking() ) // lese bis zur schliessenden Klammer
- {
- int nToken = GetNextToken();
- if( RTF_TEXTTOKEN == nToken )
- {
- xub_StrLen nTknLen = HexToBin( aToken );
- if( STRING_NOTFOUND != nTknLen )
- {
- memcpy( pData + nCnt, (sal_Char*)aToken.GetBuffer(), nTknLen );
- nCnt += nTknLen;
- }
- }
- else if( '}' == nToken )
- break;
- }
+ while( IsParserWorking() )
+ {
+ int nToken = GetNextToken();
+ if( (RTF_TEXTTOKEN != nToken) && ('}' == nToken) )
+ break;
+ }
SkipToken( -1 ); // schliessende Klammer wieder zurueck!!
}
Index: openoffice.org.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openoffice.org/F-7/openoffice.org.spec,v
retrieving revision 1.1177
retrieving revision 1.1178
diff -u -r1.1177 -r1.1178
--- openoffice.org.spec 31 May 2007 16:14:00 -0000 1.1177
+++ openoffice.org.spec 1 Jun 2007 11:40:49 -0000 1.1178
@@ -134,6 +134,7 @@
Patch75: openoffice.org-2.2.0.ooo76424.nonatnum.bn_IN.18npool.patch
Patch76: workspace.cmcfixes34.patch
Patch77: openoffice.org-2.2.0.ooo77470.docexport.liberation.to.ms.patch
+Patch78: openoffice.org-2.2.1.ooo77214.rtfprtdata.sw.patch
%define instdir %{_libdir}/openoffice.org
@@ -1061,6 +1062,7 @@
%patch75 -p1 -b .ooo76424.nonatnum.bn_IN.18npool.patch
%patch76 -p1 -b .workspace.cmcfixes34.patch
%patch77 -p1 -b .ooo77470.docexport.liberation.to.ms.patch
+%patch78 -p1 -b .ooo77214.rtfprtdata.sw.patch
cp %{SOURCE1} extras/source/database/evolocal.odb
@@ -2638,7 +2640,8 @@
%{instdir}/share/registry/modules/org/openoffice/Office/Scripting/Scripting-python.xcu
%changelog
-* Thu May 31 2007 Caolan McNamara <caolanm at redhat.com> - 1:2.2.0-14.10
+* Fri Jun 01 2007 Caolan McNamara <caolanm at redhat.com> - 1:2.2.0-14.10
+- Resolves: CVE-2007-0245
- add workspace.cmcfixes34.patch for int(0) not being promoted to long
NULL in ellipsed methods
- Resolves: rhbz#241875 get script detection right for range vs point
More information about the scm-commits
mailing list