This update of OpenOffice fixes various critical security vulnerabilities - heap-overflow when parsing PPT files (CVE-2008-0320) - various buffer-overflows while parsing QPRO files (CVE-2007-5745, CVE-2007-5747) (NLD9 not affected) - integer overflow while parsing EMF files (CVE-2007-5746) - out-of-bound memory access and a heap-overflow in the regex engine of libICU (CVE-2007-4770, CVE-2007-4771) (NLD9 not affected) These vulnerabilities can only by exploited remotely with user-assistance and in conjunction with other software receiving OOo documents over the network (like a kmail attachment). Please note that users of SLED10-SP1 that installed the OOo-2.4 update already have the fixes. 2) Solution or Work-Around
No work-around known.