openoffice-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r970503 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/ content/security/cves/CVE-2015-1774.html
Date Wed, 28 Oct 2015 15:27:04 GMT
Author: buildbot
Date: Wed Oct 28 15:27:03 2015
New Revision: 970503

Log:
Staging update by buildbot for ooo-site

Modified:
    websites/staging/ooo-site/trunk/cgi-bin/   (props changed)
    websites/staging/ooo-site/trunk/content/   (props changed)
    websites/staging/ooo-site/trunk/content/security/cves/CVE-2015-1774.html

Propchange: websites/staging/ooo-site/trunk/cgi-bin/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Wed Oct 28 15:27:03 2015
@@ -1 +1 @@
-1710937
+1711033

Propchange: websites/staging/ooo-site/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Wed Oct 28 15:27:03 2015
@@ -1 +1 @@
-1710937
+1711033

Modified: websites/staging/ooo-site/trunk/content/security/cves/CVE-2015-1774.html
==============================================================================
--- websites/staging/ooo-site/trunk/content/security/cves/CVE-2015-1774.html (original)
+++ websites/staging/ooo-site/trunk/content/security/cves/CVE-2015-1774.html Wed Oct 28 15:27:03
2015
@@ -3,9 +3,9 @@
 <head>
 <link href="/css/ooo.css" rel="stylesheet" type="text/css">
 
-	<title>CVE-2015-1774</title>
-	<style type="text/css"></style>
-
+        <title>CVE-2015-1774</title>
+        <style type="text/css"></style>
+    
 <!--#include virtual="/google-analytics.js" --> 
 <!--#include virtual="/scripts/entourage.js" -->
 </head>
@@ -22,74 +22,98 @@
     
     
     
-	<h3><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-1774">CVE-2015-1774</a></h3>
-    <h3><a href="http://www.openoffice.org/security/cves/CVE-2015-1774.html">Apache
OpenOffice Advisory</a></h3>
-
-	<h2>Out-of-Bounds Write in HWP File Filter</h2>
+    <!-- These were previously defined as XHTML pages.  The current
+         wrapping for the site introduces HTML5 headers and formats.
+         This version is modified to match the wrapping that is done as part
+         of publishing this page and not rely on any particular styling
+         beyond <p> and <h1> through <h3>.
+         -->
+        <h3>
+            <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-1774">CVE-2015-1774</a>
+        </h3>
+        <h3>
+            <a href="http://www.openoffice.org/security/cves/CVE-2015-1774.html">Apache
OpenOffice Advisory</a>
+        </h3>
+
+        <h2>Out-of-Bounds Write in HWP File Filter</h2>
+
+
+        <p>
+            <strong>Version 2.0</strong>
+            <br />
+            Announced April 27, 2015<br />
+        Updated October 28, 2015</p>
 
-    <dl>
-    <dt><strong>Version 2.0</strong></dt>
-        <dd>Announced April 27, 2015<br />
-        Updated October 28, 2015</dt>
-    </dl>
-
-    <p>
+        <p>
         A vulnerability in OpenOffice's HWP filter allows attackers to cause a
         denial of service (memory corruption and application crash) and possible
         execution of arbitrary code.
     </p>
-  
-	<h4>Severity: Important</h4>
-	<h4>Vendor: The Apache Software Foundation</h4>
-    <dl>
-        <dt><strong>Versions Affected</strong></dt>
-        <dd>All Apache OpenOffice versions 4.1.1 and older are affected.<br />
-            OpenOffice.org versions are also affected.</dd>
-    </dl>
-    
 
-    <h4>Mitigation</h4>
-    <p>Update to Apache OpenOffice 4.1.2 or a later version.</p>
-    <p>
+        <p>
+            <strong>Severity: Important</strong>
+        </p>
+        <p>
+            <strong>Vendor: The Apache Software Foundation</strong>
+        </p>
+
+        <p>
+            <strong>Versions Affected</strong>
+            <br />
+    All Apache OpenOffice versions 4.1.1 and older are affected.<br />
+            OpenOffice.org versions are also affected.</p>
+
+
+        <p>
+            <strong>Mitigation</strong>
+        </p>
+        <p>Update to Apache OpenOffice 4.1.2 or a later version.</p>
+        <p>
         This mitigation drops Apache OpenOffice support for documents
         created in "Hangul Word Processor" format.  The filter is not
         installed; it will not be used if present.
     </p>
-	<h4>Workarounds and Document Migration</h4>
-    <p>
+        <p>
+            <strong>Workarounds and Document Migration</strong>
+        </p>
+        <p>
         Users of older HWP-format documents that are already trusted should
         convert those documents to other formats before removing the filter
         or upgrading to Apache OpenOffice version 4.1.2.
     </p>
-	<p>
+        <p>
         Apache OpenOffice users who do not upgrade can remove the
         problematic filter themselves.  The filter is in the "program"
         folder of their OpenOffice installation.  On <strong>Windows</strong>
-        the filter is named "hwp.dll", on <strong>Mac OS X</strong> it is named

+        the filter is named "hwp.dll", on <strong>Mac OS X</strong> it is named
         "libhwp.dylib" and on <strong>Linux</strong> it is named "libhwp.so".
-        Alternatively the filter can be renamed to anything else (e.g. 
+        Alternatively the filter can be renamed to anything else (e.g.
         "hwp_renamed.dll") to disable its use.
     </p>
 
 
 
-	<h4>Further Information</h4>
-        <p>For additional information and assistance, consult the 
+        <p>
+            <strong>Further Information</strong>
+        </p>
+        <p>For additional information and assistance, consult the
            <a href="https://forum.openoffice.org/">Apache OpenOffice Community Forums</a>
-           or make requests to the 
-           <a href="mailto:users@openofffice.apache.org">users@openofffice.apache.org</a>

+           or make requests to the
+           <a href="mailto:users@openofffice.apache.org">users@openofffice.apache.org</a>
            public mailing list.
         </p>
 
-	<h4>Credits</h4>
-	<p>Thanks to an anonymous contributor working with VeriSign iDefense Labs.</p>
+        <h4>Credits</h4>
+        <p>Thanks to an anonymous contributor working with VeriSign iDefense Labs.</p>
 
-	<hr />
+        <hr />
 
-	<p><a href="http://security.openoffice.org">Security Home</a>
-	-&gt; <a href="http://security.openoffice.org/bulletin.html">Bulletin</a>
-	-&gt; <a href="http://www.openoffice.org/security/cves/CVE-2015-1774.html">CVE-2015-1774</a></p>
-
+        <p>
+            <a href="http://security.openoffice.org">Security Home</a>
+    -&gt; <a href="http://security.openoffice.org/bulletin.html">Bulletin</a>
+    -&gt; <a href="http://www.openoffice.org/security/cves/CVE-2015-1774.html">CVE-2015-1774</a>
+        </p>
+    
   </div>
 <!--#include virtual="/footer.html" -->
 </body>



Mime
View raw message