Updated openoffice.org2 packages that fix a security issue are now available
for Red Hat Enterprise Linux 4.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
OpenOffice.org is an office productivity suite.
HSQLDB is the default database engine shipped with OpenOffice.org 2.
It was discovered that HSQLDB could allow the execution of arbitrary public
static Java methods. A carefully crafted odb file opened in OpenOffice.org
Base could execute arbitrary commands with the permissions of the user
running OpenOffice.org. (CVE-2007-4575)
All users of OpenOffice.org are advised to upgrade to these updated
packages, which contain a backported patch to resolve this issue.