---
- branch: MAIN
  date: Sun Apr 20 13:17:55 UTC 2008
  files:
  - new: '1.35'
    old: '1.34'
    path: pkgsrc/misc/openoffice2-bin/Makefile
    pathrev: pkgsrc/misc/openoffice2-bin/Makefile@1.35
    type: modified
  - new: '1.14'
    old: '1.13'
    path: pkgsrc/misc/openoffice2-bin/distinfo
    pathrev: pkgsrc/misc/openoffice2-bin/distinfo@1.14
    type: modified
  id: 20080420T131755Z.74e97eb39cc9548712703bb518afe6395c5f3f1d
  log: |
    Update "openoffice2-bin" package to version 2.4.0. This update fixes
    the following security vulnerabilities:
    - CVE-2007-4770/4771: Manipulated ODF text documents containing XForms can
      lead to heap overflows and arbitrary code execution
    - CVE-2007-5745/5747: Manipulated Quattro Pro files can lead to heap
      overflows and arbitrary code execution
    - CVE-2007-5746: Manipulated EMF files can lead to heap overflows and
      arbitrary code execution
    - CVE-2008-0320: Manipulated OLE files can lead to heap overflows and
      arbitrary code execution
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/misc/openoffice2-bin'
  unixtime: '1208697475'
  user: tron