Secure testing team - Jan 2011 - Is this patch ok (CVE-2010-3451 CVE-2010-3452 CVE-2010-3453 CVE-2010-3454)?

Four CVE entries for OOo were just announced on bugtraq, and I
extracted this info from the announcement.

I''m not sure if a version number is required in the data/CVE/list
file, so I dare not commit this patch.  Posting it here in the hope
that someone who do know can have a look and commit it.

The fix is in the recently released version 3.3 of OOo.  No idea which
versions are affected, nor if LibreOffice is affected.

Index: list
==================================================================--- list
(revision 15980)
+++ list	(working copy)
@@ -4694,14 +4694,18 @@
 	NOT-FOR-US: EnergyScripts Simple Download
 CVE-2010-3455 (Cross-site scripting (XSS) vulnerability in index.php in
AChecker 1.0 ...)
 	NOT-FOR-US: AChecker
-CVE-2010-3454
-	RESERVED
-CVE-2010-3453
-	RESERVED
-CVE-2010-3452
-	RESERVED
-CVE-2010-3451
-	RESERVED
+CVE-2010-3454 (Insecure pointer manipulation for parsing lists in Word
documents)
+	- openoffice.org
+	NOTE: http://www.vsecurity.com/resources/advisory/20110126-1/
+CVE-2010-3453 (Insecure pointer manipulation for parsing lists in Word
documents)
+	- openoffice.org
+	NOTE: http://www.vsecurity.com/resources/advisory/20110126-1/
+CVE-2010-3452 (Use after free for multilevel list parsing in RTF documents)
+	- openoffice.org
+	NOTE: http://www.vsecurity.com/resources/advisory/20110126-1/
+CVE-2010-3451 (Use after free for table parsing in RTF documents)
+	- openoffice.org
+	NOTE: http://www.vsecurity.com/resources/advisory/20110126-1/
 CVE-2010-3450
 	RESERVED
 CVE-2010-3449 (Cross-site request forgery (CSRF) vulnerability in Redback
before ...)

Happy hacking,
-- 
Petter Reinholdtsen