[Bug 1437087] Re: Multiple vulnerabilities in freexl 1.0.0
Launchpad Bug Tracker
1437087 at bugs.launchpad.net
Mon Apr 6 21:15:48 UTC 2015
This bug was fixed in the package freexl - 1.0.0g-1ubuntu0.14.10.1
---------------
freexl (1.0.0g-1ubuntu0.14.10.1) utopic-security; urgency=high
* SECURITY UPDATE: Fix multiple vulnerabilities allowing denial of service
or possibly execute arbitrary code (LP: #1437087):
- CVE 2015-2753: FreeXL before 1.0.0i allows remote attackers to cause a
denial of service (stack corruption) or possibly execute arbitrary code
via a crafted sector in a workbook.
- CVE 2015-2754: FreeXL before 1.0.0i allows remote attackers to cause a
denial of service (stack corruption) and possibly execute arbitrary code
via a crafted workbook, related to a "premature EOF."
-- Johan Van de Wauw <johan.vandewauw at gmail.com> Fri, 03 Apr 2015 22:47:20 +0200
** Changed in: freexl (Ubuntu)
Status: In Progress => Fix Released
** Changed in: freexl (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1437087
Title:
Multiple vulnerabilities in freexl 1.0.0
Status in freexl package in Ubuntu:
Fix Released
Status in freexl package in Debian:
Fix Released
Bug description:
Different vulnerabilities were found in freexl
http://seclists.org/oss-sec/2015/q1/1004
These are being fixed in debian (#781228).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freexl/+bug/1437087/+subscriptions
More information about the Ubuntu-sponsors
mailing list