-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-27
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 25 Apr 2007
 Last revised: 25 Apr 2007

 Package: libwpd

 Summary: Buffer overflow

 More information:
    libwpd is a C++ library designed to help process WordPerfect documents. It 
    is most commonly used to import WordPerfect documents into other word processors
    (see below), but may be useful in other cases as well.

    Multiple heap-based buffer overflows in WordPerfect Document importer/exporter.

 Impact:
    Memote attackers to cause a denial of service (application crash) and possibly 
    execute arbitrary code via a crafted WordPerfect file via values to loop counters 
    that are not properly handled.
 
 Affected Products:
    - Turbolinux FUJI


 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   libwpd-0.8.4-2.src.rpm
       495543 63e33e754d318bc6e5efe34ad3236f6d

   Binary Packages
   Size: MD5

   libwpd-0.8.4-2.i686.rpm
       159579 ccacc7fa63b885f7f40974339a461bf9
   libwpd-devel-0.8.4-2.i686.rpm
       695739 f97ae6d0a65c6a190a12eaebb40111df


 References:

 CVE
   [CVE-2007-0002]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002

 --------------------------------------------------------------------------
 Revision History
    25 Apr 2007 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2007 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGLyGCK0LzjOqIJMwRAp8uAJ0e8H0ZAdDenrXYMt2t9YGyPK7EegCeOI0K
vagOWomlVrs0x01P0xeLuJc=
=iENV
-----END PGP SIGNATURE-----