About Ubuntu

=========================================================== Ubuntu Security Notice USN-202-1 October 12, 2005 koffice vulnerability CAN-2005-2971 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: koffice-libs kword The problem can be corrected by upgrading the affected package to version 1:1.3.5-2ubuntu1.1. After a standard system upgrade you need to restart all KOffice applications to effect the necessary changes. Details follow: Chris Evans discovered a buffer overflow in the RTF import module of KOffice. By tricking a user into opening a specially-crafted RTF file, an attacker could exploit this to execute arbitrary code with the privileges of the AbiWord user.