Mandriva issued this advisory on November 11: http://lists.mandriva.com/security-announce/2011-11/msg00017.php The other CVE probably doesn't affect us since it says before 3.3.3. MDV fixed it by upgrading to 3.4.3, but I'm not sure if that's what you want to do.
since libreoffice 3.4.4 is in testing I guess we can close this one the also http://web.nvd.nist.gov/view/vuln/search-results?query=CVE-2011-2713&search_type=all&cves=on oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser
This isn't really a duplicate, but the proposed update from Bug 3830 is new enough to fix this issue. *** This bug has been marked as a duplicate of bug 3830 ***
Status: NEW => RESOLVEDResolution: (none) => DUPLICATE