How to safely update open office to 2.0+?
Josef Lowder
joe at actionline.com
Mon Mar 26 23:38:13 MST 2007
.
My Mandriva 10 system has Open Office 1.1.5 and I think I would like to update
it to 2.0 (because I've had a few problems with 1.1.5), but I'm a bit
apprehensive because the only times I've ever tried to update anything on my
system that has resulted in problems.
Searching the net, I found the following two items, one of which seems
helpful, but the other increases my paranoia.
At this link: http://www.linuxquestions.org/questions/showthread.php?t=387848
I found some seemingly conflicting counsel, followed by this:
1. Remove the previous version of the Open Office.
To do so open the Mandrakelinux Control Center. Then choose
the "Software Management" and from there choose "Remove".
Search for "open office" and you will see
"OpenOffice.org-1.1.3-0.20040820.9mdk".
Select this package and click "Remove". The Control Center will
prompt you that there are some related packages and they should
be choosen too. So click "Ok". It will automatically select all
the related packages and press "Remove". Open Office 1.1.3 is gone.
2. You probably downloaded a <openoffice version>.tar.gz file
from www.openoffice.org. Right click on that file
and choose "Actions > Extract Here".
3. Open a terminal and sign in as a root.
4. Go the the folder where the <openoffice version>.tar.gz is extracted to.
(That folder is in the same place with that .tar.gz file and has
a similar name to "OOO680_m3_native_packed-2_en-US.8968").
5. Type "cd RPMS/" (take you to the RPM folder).
6. Type "rpm -vi *.rpm" (install all the rpms).
7. Type "cd desktop-integration/ "
8. Type "rpm -iv openoffice.org-mandriva-menus-2.0.0-3.noarch.rpm"
(I see that you are using Mandrake 10.1)
9. Type "openoffice.org-2.0"
(This will take you through a registration process)
10. Reboot to get rid of the old menu items.
Does this look like a correct procedure?
Is there some way to save my 1.1.5 installation in case the
newer version has problems and I want to get back to square one?
Then at this link: www.linuxsecurity.com/ I found the following:
Mandrake iDefense reported several overflow bugs in libwpd. An attacker could
create a carefully crafted Word Perfect file that could cause an application
linked with libwpd, such as OpenOffice, to crash or possibly execute arbitrary
code if the file was opened by a victim. OpenOffice.org-2.X contains an
embedded copy of libpwd, and as such is susceptible to the same issues.
Updated packages have been rebuilt using the system libwpd to address this issue.
What does all that mean? Where do I find a new version of Open Office that
will be safe? Or should I stay with 1.1.5?
More information about the PLUG-discuss
mailing list