Mandriva Linux Security Advisory : koffice (MDVSA-2008:197-1)
Medium Nessus Plugin ID 37294
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionKees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened (CVE-2008-1693).
This vulnerability also affected KOffice, so the updated packages have been patched to correct this issue.
A file conflicts existed between one of the library packages and the koffice-devel package which prevented successful upgrades if koffice-devel was previously installed. This update removes the conflicting file from koffice-devel.
SolutionUpdate the affected packages.