From Mageia wiki
Jump to: navigation, search

MGASA-2013-0044

Date: February 9th, 2013
Affected releases: 2
Media: Core


Description:
Updated apache-poi and jakarta-poi packages fix security vulnerability:

It was discovered that Apache POI, a Java implementation of the Microsoft
Office file formats, would allocate arbitrary amounts of memory when
processing crafted documents. This could impact the stability of the Java
virtual machine (CVE-2012-0213).


Updated Packages:
i586:
apache-poi-3.8-1.1.mga2.noarch.rpm
apache-poi-javadoc-3.8-1.1.mga2.noarch.rpm
apache-poi-manual-3.8-1.1.mga2.noarch.rpm
jakarta-poi-3.1-0.0.4.1.mga2.noarch.rpm
jakarta-poi-javadoc-3.1-0.0.4.1.mga2.noarch.rpm
jakarta-poi-manual-3.1-0.0.4.1.mga2.noarch.rpm

x86_64:
apache-poi-3.8-1.1.mga2.noarch.rpm
apache-poi-javadoc-3.8-1.1.mga2.noarch.rpm
apache-poi-manual-3.8-1.1.mga2.noarch.rpm
jakarta-poi-3.1-0.0.4.1.mga2.noarch.rpm
jakarta-poi-javadoc-3.1-0.0.4.1.mga2.noarch.rpm
jakarta-poi-manual-3.1-0.0.4.1.mga2.noarch.rpm

SRPMS:
apache-poi-3.8-1.1.mga2.src.rpm
jakarta-poi-3.1-0.0.4.1.mga2.src.rpm


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0213
http://www.debian.org/security/2012/dsa-2468
https://bugs.mageia.org/show_bug.cgi?id=6011