MGASA-2013-0044
Date: | February 9th, 2013 |
Affected releases: | 2 |
Media: | Core |
Description:
Updated apache-poi and jakarta-poi packages fix security vulnerability:
It was discovered that Apache POI, a Java implementation of the Microsoft
Office file formats, would allocate arbitrary amounts of memory when
processing crafted documents. This could impact the stability of the Java
virtual machine (CVE-2012-0213).
Updated Packages:
i586:
apache-poi-3.8-1.1.mga2.noarch.rpm
apache-poi-javadoc-3.8-1.1.mga2.noarch.rpm
apache-poi-manual-3.8-1.1.mga2.noarch.rpm
jakarta-poi-3.1-0.0.4.1.mga2.noarch.rpm
jakarta-poi-javadoc-3.1-0.0.4.1.mga2.noarch.rpm
jakarta-poi-manual-3.1-0.0.4.1.mga2.noarch.rpm
x86_64:
apache-poi-3.8-1.1.mga2.noarch.rpm
apache-poi-javadoc-3.8-1.1.mga2.noarch.rpm
apache-poi-manual-3.8-1.1.mga2.noarch.rpm
jakarta-poi-3.1-0.0.4.1.mga2.noarch.rpm
jakarta-poi-javadoc-3.1-0.0.4.1.mga2.noarch.rpm
jakarta-poi-manual-3.1-0.0.4.1.mga2.noarch.rpm
SRPMS:
apache-poi-3.8-1.1.mga2.src.rpm
jakarta-poi-3.1-0.0.4.1.mga2.src.rpm
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0213
http://www.debian.org/security/2012/dsa-2468
https://bugs.mageia.org/show_bug.cgi?id=6011