diff -Nru libreoffice-3.5.7/debian/changelog libreoffice-3.5.7/debian/changelog
--- libreoffice-3.5.7/debian/changelog 2015-04-23 18:45:00.000000000 +0000
+++ libreoffice-3.5.7/debian/changelog 2015-11-02 21:50:36.000000000 +0000
@@ -1,3 +1,27 @@
+libreoffice (1:3.5.7-0ubuntu9) precise-security; urgency=medium
+
+ * Rebuild as security update
+
+ -- Marc Deslauriers Mon, 02 Nov 2015 15:50:17 -0600
+
+libreoffice (1:3.5.7-0ubuntu9~precise4) precise; urgency=medium
+
+ * add ww8 pstatus import fix
+
+ -- Bjoern Michaelsen Fri, 18 Sep 2015 14:56:37 +0200
+
+libreoffice (1:3.5.7-0ubuntu9~precise3) precise; urgency=medium
+
+ * add fixes for ww8 wrapping and coverity#1266485
+
+ -- Bjoern Michaelsen Mon, 13 Jul 2015 17:52:44 +0200
+
+libreoffice (1:3.5.7-0ubuntu9~precise2) precise; urgency=medium
+
+ * add fix for link updates
+
+ -- Bjoern Michaelsen Tue, 07 Jul 2015 12:19:31 +0200
+
 libreoffice (1:3.5.7-0ubuntu8) precise-security; urgency=medium
 
 * add check in hwpfilter
diff -Nru libreoffice-3.5.7/debian/control libreoffice-3.5.7/debian/control
--- libreoffice-3.5.7/debian/control 2014-11-07 16:26:35.000000000 +0000
+++ libreoffice-3.5.7/debian/control 2015-09-18 19:20:19.000000000 +0000
@@ -4,7 +4,7 @@ Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Debian LibreOffice Maintainers Uploaders: Rene Engelhard -Build-Depends: dpkg-dev (>= 1.16.1), lsb-release, bzip2, bison, flex | flex-old, libxaw7-dev, unzip, zip, autoconf, automake, sharutils, pkg-config, libfontconfig1-dev, libc0.1 (>= 2.10.2-7) [kfreebsd-i386 kfreebsd-amd64], zlib1g-dev, libfreetype6-dev, libx11-dev, libsm-dev, libxt-dev, libxext-dev, libxtst-dev, libice-dev, libcups2-dev, libarchive-zip-perl, fastjar, xsltproc, libxkbfile-dev, libxinerama-dev, x11proto-render-dev, libxml-parser-perl, gperf, po-debconf, bc, wget | curl, libgl1-mesa-dev [!armel !mips !mipsel], libglu1-mesa-dev [!armel !mips !mipsel], libpoppler-dev (>= 0.8.0), libpoppler-cpp-dev, libexttextcat-dev (>= 3.1.1), libjpeg-dev, libxml2-dev, libxslt1-dev, libexpat1-dev, unixodbc-dev (>= 2.2.11), libsane-dev, libxrender-dev, libpng12-dev, libssl-dev, librsvg2-dev, libdb-dev, python (>= 2.6.6-3+squeeze4), python-dev (>= 2.6), python3-dev, debhelper (>= 7.2.3~), libcppunit-dev (>= 1.12), gdb, junit4 (>= 4.8.2-2), openjdk-6-jdk (>= 6b23~pre8-2) [alpha amd64 armel armhf i386 mips mipsel powerpc powerpcspe ppc64 s390 s390x sparc], openjdk-7-jdk [ia64], gcj-jdk [hppa kfreebsd-i386 kfreebsd-amd64], gcj-native-helper [hppa kfreebsd-amd64 kfreebsd-i386], libgcj-common (>= 1:4.4.1) [hppa kfreebsd-amd64 kfreebsd-i386], ant (>= 1.7.0), ant-optional (>= 1.7.0), libcommons-codec-java, libcommons-httpclient-java, libcommons-lang-java, libcommons-logging-java (>= 1.1.1-9), libservlet2.5-java, javahelper (>= 0.37~), libnss3-dev (>= 3.12.3), dmake (>= 1:4.11), libhunspell-dev (>= 1.1.5-2), libhyphen-dev (>= 2.4), libstlport4.6-dev (>= 4.6.2-3) [i386], libboost-dev (>= 1.38), libmdds-dev (>= 0.5.0), libvigraimpex-dev, libsampleicc-dev, libicc-utils-dev, libwpd-dev (>= 0.9.0), libmythes-dev (>= 2:1.2), libwps-dev (>= 0.2.0), libwpg-dev (>= 0.2.0), libcmis-dev, libicu-dev (>= 4.0), libcairo2-dev, kdelibs5-dev (>= 4:4.3.4), libqt4-dev 
(>= 4.5), libmysqlclient-dev, libmysqlcppconn-dev (>= 1.1.0~r791), libgtk2.0-dev (>= 2.10), libgtk-3-dev (>= 3.2~), libebook1.2-dev [!armel !armhf !powerpc !powerpcspe !ppc64], libpq-dev (>= 9.0~), libxrandr-dev, libhsqldb-java (>> 1.8.0.10), bsh (>= 2.0b4), libdbus-glib-1-dev (>= 0.70), libgstreamer-plugins-base0.10-dev, libneon27-gnutls-dev, librdf0-dev (>= 1.0.8), libglib2.0-dev (>= 2.15.0), libgconf2-dev, liborbit2-dev, gettext, make (>= 3.81-8.1ubuntu1), libldap2-dev +Build-Depends: dpkg-dev (>= 1.16.1), lsb-release, bzip2, bison, flex | flex-old, libxaw7-dev, unzip, zip, autoconf, automake, sharutils, pkg-config, libfontconfig1-dev, libc0.1 (>= 2.10.2-7) [kfreebsd-i386 kfreebsd-amd64], zlib1g-dev, libfreetype6-dev, libx11-dev, libsm-dev, libxt-dev, libxext-dev, libxtst-dev, libice-dev, libcups2-dev, libarchive-zip-perl, fastjar, xsltproc, libxkbfile-dev, libxinerama-dev, x11proto-render-dev, libxml-parser-perl, gperf, po-debconf, bc, wget | curl, gcc-foo [hppa kfreebsd-i386 kfreebsd-amd64], g++-foo [hppa kfreebsd-i386 kfreebsd-amd64], libgl1-mesa-dev [!armel !mips !mipsel], libglu1-mesa-dev [!armel !mips !mipsel], libpoppler-dev (>= 0.8.0), libpoppler-cpp-dev, libexttextcat-dev (>= 3.1.1), libjpeg-dev, libxml2-dev, libxslt1-dev, libexpat1-dev, unixodbc-dev (>= 2.2.11), libsane-dev, libxrender-dev, libpng12-dev, libssl-dev, librsvg2-dev, libdb-dev, python (>= 2.6.6-3+squeeze4), python-dev (>= 2.6), python3-dev, debhelper (>= 7.2.3~), libcppunit-dev (>= 1.12), gdb, junit4 (>= 4.8.2-2), openjdk-6-jdk (>= 6b23~pre8-2) [alpha amd64 armel armhf i386 mips mipsel powerpc powerpcspe ppc64 s390 s390x sparc], openjdk-7-jdk [ia64], gcj-jdk [hppa kfreebsd-i386 kfreebsd-amd64], gcj-native-helper [hppa kfreebsd-amd64 kfreebsd-i386], libgcj-common (>= 1:4.4.1) [hppa kfreebsd-amd64 kfreebsd-i386], ant (>= 1.7.0), ant-optional (>= 1.7.0), libcommons-codec-java, libcommons-httpclient-java, libcommons-lang-java, libcommons-logging-java (>= 1.1.1-9), libservlet2.5-java, 
javahelper (>= 0.37~), libnss3-dev (>= 3.12.3), dmake (>= 1:4.11), libhunspell-dev (>= 1.1.5-2), libhyphen-dev (>= 2.4), libstlport4.6-dev (>= 4.6.2-3) [i386], libboost-dev (>= 1.38), libmdds-dev (>= 0.5.0), libvigraimpex-dev, libsampleicc-dev, libicc-utils-dev, libwpd-dev (>= 0.9.0), libmythes-dev (>= 2:1.2), libwps-dev (>= 0.2.0), libwpg-dev (>= 0.2.0), libcmis-dev, libicu-dev (>= 4.0), libcairo2-dev, kdelibs5-dev (>= 4:4.3.4), libqt4-dev (>= 4.5), libmysqlclient-dev, libmysqlcppconn-dev (>= 1.1.0~r791), libgtk2.0-dev (>= 2.10), libgtk-3-dev (>= 3.2~), libebook1.2-dev [!armel !armhf !powerpc !powerpcspe !ppc64], libpq-dev (>= 9.0~), libxrandr-dev, libhsqldb-java (>> 1.8.0.10), bsh (>= 2.0b4), libdbus-glib-1-dev (>= 0.70), libgstreamer-plugins-base0.10-dev, libneon27-gnutls-dev, librdf0-dev (>= 1.0.8), libglib2.0-dev (>= 2.15.0), libgconf2-dev, liborbit2-dev, gettext, make (>= 3.81-8.1ubuntu1), libldap2-dev Build-Depends-Indep: fdupes, xml-core, imagemagick, fontforge Build-Conflicts: libcairo2 (= 1.4.8-1), libxul-dev (= 1.8.0.13~pre070720-0etch1), gjdoc (= 0.7.8-2), libc6-dev (= 2.6.1-3) [i386 amd64], libc6-dev (= 2.6.1-4) [i386 amd64], libc0.1-dev (= 2.13-26) [kfreebsd-i386 kfreebsd-amd64], nvidia-glx-dev, nvidia-glx-legacy-dev, gcj-4.2 (= 4.2.2-6), flex (= 2.5.34-1) [amd64], libboost1.39-dev (<< 1.39.0-2), graphicsmagick-imagemagick-compat (<< 1.3.9~), qt3-dev-tools, ant (= 1.8.0-1) [hppa kfreebsd-i386 kfreebsd-amd64], ant (= 1.8.0-2) [hppa kfreebsd-i386 kfreebsd-amd64], ant (= 1.8.0-3) [hppa kfreebsd-i386 kfreebsd-amd64], g++-4.6 (= 4.6.1-10), g++-4.6 (= 4.6.1-11), base-files (= 6.0), base-files (= 6.0squeeze1), libhsqldb-java (>= 1.8.1~) Standards-Version: 3.9.1 diff -Nru libreoffice-3.5.7/debian/patches/coverity-1266485.diff libreoffice-3.5.7/debian/patches/coverity-1266485.diff --- libreoffice-3.5.7/debian/patches/coverity-1266485.diff 1970-01-01 00:00:00.000000000 +0000 +++ libreoffice-3.5.7/debian/patches/coverity-1266485.diff 2015-09-18 
12:57:58.000000000 +0000 
@@ -0,0 +1,115 @@ +From 0a1f215c8ebe76ff88f8a8e46a4956f45e96a9cd Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= +Date: Mon, 26 Jan 2015 11:26:41 +0000 +Subject: [PATCH] coverity#1266485 Untrusted value as argument + +(cherry picked from commit 0934ed1a40c59c169354b177d7dab4228de66171) + +min legal size here is > 4 + +(cherry picked from commit 3131205c05a3fde4ef1e3322cc48ca23c443f6d3) + +(cherry picked from commit 964000d415bcf491704dad57aee7e0656ea60dab) +Reviewed-on: https://gerrit.libreoffice.org/16983 +Reviewed-by: David Tardon +Tested-by: David Tardon + +Conflicts: + vcl/source/gdi/jobset.cxx + +9f68d000b32623db4d949d13284043630f5689f4 + +Change-Id: I7708ecaf5412535055584ed6c71beaa9cd71c10c +DebianPatchName: coverity-1266485.diff +--- + vcl/source/gdi/jobset.cxx | 35 +++++++++++++++++++++-------------- + 1 file changed, 21 insertions(+), 14 deletions(-) + +diff --git a/vcl/source/gdi/jobset.cxx b/vcl/source/gdi/jobset.cxx +index 14b86b2..ed27fb4 100644 +--- a/vcl/source/gdi/jobset.cxx ++++ b/vcl/source/gdi/jobset.cxx +@@ -31,6 +31,7 @@ + #include + #include + #include ++#include + + #include + +@@ -277,21 +278,26 @@ SvStream& operator>>( SvStream& rIStream, JobSetup& rJobSetup ) + DBG_ASSERTWARNING( rIStream.GetVersion(), "JobSetup::>> - Solar-Version not set on rOStream" ); + + { +- sal_Size nFirstPos = rIStream.Tell(); +- + sal_uInt16 nLen = 0; + rIStream >> nLen; +- if ( !nLen ) ++ if (nLen <= 4) + return rIStream; + + sal_uInt16 nSystem = 0; + rIStream >> nSystem; +- +- char* pTempBuf = new char[nLen]; +- rIStream.Read( pTempBuf, nLen - sizeof( nLen ) - sizeof( nSystem ) ); +- if ( nLen >= sizeof(ImplOldJobSetupData)+4 ) ++ const size_t nRead = nLen - sizeof(nLen) - sizeof(nSystem); ++ if (nRead > rIStream.remainingSize()) ++ { ++ SAL_WARN("vcl", "Parsing error: " << rIStream.remainingSize() << ++ " max possible entries, but " << nRead << " claimed, truncating"); ++ return rIStream; ++ } ++ sal_Size nFirstPos = rIStream.Tell(); ++ 
boost::scoped_array pTempBuf(new char[nRead]); ++ rIStream.Read(pTempBuf.get(), nRead); ++ if (nRead >= sizeof(ImplOldJobSetupData)) + { +- ImplOldJobSetupData* pData = (ImplOldJobSetupData*)pTempBuf; ++ ImplOldJobSetupData* pData = (ImplOldJobSetupData*)pTempBuf.get(); + if ( rJobSetup.mpData ) + { + if ( rJobSetup.mpData->mnRefCount == 1 ) +@@ -313,7 +319,7 @@ SvStream& operator>>( SvStream& rIStream, JobSetup& rJobSetup ) + if ( nSystem == JOBSET_FILE364_SYSTEM || + nSystem == JOBSET_FILE605_SYSTEM ) + { +- Impl364JobSetupData* pOldJobData = (Impl364JobSetupData*)(pTempBuf + sizeof( ImplOldJobSetupData )); ++ Impl364JobSetupData* pOldJobData = (Impl364JobSetupData*)(pTempBuf.get() + sizeof( ImplOldJobSetupData )); + sal_uInt16 nOldJobDataSize = SVBT16ToShort( pOldJobData->nSize ); + pJobData->mnSystem = SVBT16ToShort( pOldJobData->nSystem ); + pJobData->mnDriverDataLen = SVBT32ToUInt32( pOldJobData->nDriverDataLen ); +@@ -331,8 +337,10 @@ SvStream& operator>>( SvStream& rIStream, JobSetup& rJobSetup ) + } + if( nSystem == JOBSET_FILE605_SYSTEM ) + { +- rIStream.Seek( nFirstPos + sizeof( ImplOldJobSetupData ) + 4 + sizeof( Impl364JobSetupData ) + pJobData->mnDriverDataLen ); +- while( rIStream.Tell() < nFirstPos + nLen ) ++// rIStream.Seek( nFirstPos + sizeof( ImplOldJobSetupData ) + 4 + sizeof( Impl364JobSetupData ) + pJobData->mnDriverDataLen ); ++// while( rIStream.Tell() < nFirstPos + nLen ) ++ rIStream.Seek( nFirstPos + sizeof( ImplOldJobSetupData ) + sizeof( Impl364JobSetupData ) + pJobData->mnDriverDataLen ); ++ while( rIStream.Tell() < nFirstPos + nRead ) + { + String aKey, aValue; + rIStream.ReadByteString( aKey, RTL_TEXTENCODING_UTF8 ); +@@ -351,13 +359,12 @@ SvStream& operator>>( SvStream& rIStream, JobSetup& rJobSetup ) + else + pJobData->maValueMap[ aKey ] = aValue; + } +- DBG_ASSERT( rIStream.Tell() == nFirstPos+nLen, "corrupted job setup" ); ++ DBG_ASSERT( rIStream.Tell() == nFirstPos+nRead, "corrupted job setup" ); + // ensure correct stream 
position +- rIStream.Seek( nFirstPos + nLen ); ++ rIStream.Seek( nFirstPos + nRead ); + } + } + } +- delete[] pTempBuf; + } + + return rIStream; +-- +1.9.1 + diff -Nru libreoffice-3.5.7/debian/patches/LinkUpdateMode-is-a-global-setting.diff libreoffice-3.5.7/debian/patches/LinkUpdateMode-is-a-global-setting.diff --- libreoffice-3.5.7/debian/patches/LinkUpdateMode-is-a-global-setting.diff 1970-01-01 00:00:00.000000000 +0000 +++ libreoffice-3.5.7/debian/patches/LinkUpdateMode-is-a-global-setting.diff 2015-09-18 12:57:58.000000000 +0000 
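Review bot: The `nRead >= sizeof(ImplOldJobSetupData)` guard added in jobset.cxx only proves that the old header fits in `pTempBuf`, but the JOBSET_FILE364_SYSTEM / JOBSET_FILE605_SYSTEM branch in the next hunk casts `pTempBuf.get() + sizeof( ImplOldJobSetupData )` to `Impl364JobSetupData*` and reads `nSize`, `nSystem` and `nDriverDataLen` through it. A record whose `nRead` falls between the two sizes makes those reads run past the `new char[nRead]` allocation, so that branch should be entered only when `nRead >= sizeof(ImplOldJobSetupData) + sizeof(Impl364JobSetupData)`. `pJobData->mnDriverDataLen` also comes straight from the file and feeds the `Seek` offset in the 605 branch; comparing it against the bytes remaining in `nRead` before use would close the same gap there. The body of `operator>>` continues outside these hunks, so any driver-data copy between them is not visible here and should be checked the same way.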
@@ -0,0 +1,288 @@ +commit 35d4fb9cfc3d2ff8145f28fadfeef1c782ae8483 +Author: Stephan Bergmann +Date: Tue Jul 7 12:08:01 2015 +0200 + + LinkUpdateMode is a global setting + + (cherry picked from commit 77cc71476bae2b3655102e2c29d36af40a393201) + Conflicts: + sw/source/core/doc/DocumentLinksAdministrationManager.cxx + sw/source/filter/xml/xmlimp.cxx + + Reviewed-on: https://gerrit.libreoffice.org/16424 + Reviewed-by: Miklos Vajna + Reviewed-by: Christian Lohmaier + Tested-by: Christian Lohmaier + + Change-Id: Ida1257337c6e0916f2228fe053d9c9f085183af6 + +diff --git a/sc/source/filter/xml/xmlimprt.cxx b/sc/source/filter/xml/xmlimprt.cxx +index 166cef9..7227f82 100644 +--- a/sc/source/filter/xml/xmlimprt.cxx ++++ b/sc/source/filter/xml/xmlimprt.cxx +@@ -2278,6 +2278,10 @@ void ScXMLImport::SetConfigurationSettings(const uno::Sequence aFilteredProps( ++ aConfigProps.getLength()); ++ sal_Int32 nFilteredPropsLen = 0; + for (sal_Int32 i = nCount - 1; i >= 0; --i) + { + if (aConfigProps[i].Name == sCTName) +@@ -2312,11 +2316,16 @@ void ScXMLImport::SetConfigurationSettings(const uno::SequencesetPropertyValue( aConfigProps[i].Name, aConfigProps[i].Value ); + } + } ++ if (aConfigProps[i].Name != sLUName) ++ { ++ aFilteredProps[nFilteredPropsLen++] = aConfigProps[i]; ++ } + } ++ aFilteredProps.realloc(nFilteredPropsLen); + uno::Reference xInterface = xMultiServiceFactory->createInstance(rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.comp.SpreadsheetSettings"))); + uno::Reference xProperties(xInterface, uno::UNO_QUERY); + if (xProperties.is()) +- SvXMLUnitConverter::convertPropertySet(xProperties, aConfigProps); ++ SvXMLUnitConverter::convertPropertySet(xProperties, aFilteredProps); + } + } + } +diff --git a/sc/source/ui/docshell/docsh4.cxx b/sc/source/ui/docshell/docsh4.cxx +index 93d5c42..7332ed2 100644 +--- a/sc/source/ui/docshell/docsh4.cxx ++++ b/sc/source/ui/docshell/docsh4.cxx +@@ -118,6 +118,7 @@ using namespace ::com::sun::star; + #include "sharedocdlg.hxx" + 
#include "conditio.hxx" + #include "sheetevents.hxx" ++#include "unotools/securityoptions.hxx" + + //------------------------------------------------------------------ + +@@ -447,11 +448,21 @@ void ScDocShell::Execute( SfxRequest& rReq ) + + if (nCanUpdate == com::sun::star::document::UpdateDocMode::NO_UPDATE) + nSet = LM_NEVER; +- else if (nCanUpdate == com::sun::star::document::UpdateDocMode::QUIET_UPDATE && +- nSet == LM_ON_DEMAND) +- nSet = LM_NEVER; + else if (nCanUpdate == com::sun::star::document::UpdateDocMode::FULL_UPDATE) + nSet = LM_ALWAYS; ++ if (nSet == LM_ALWAYS ++ && !(SvtSecurityOptions() ++ .isTrustedLocationUriForUpdatingLinks( ++ rtl::OUString(GetMedium() == nullptr ++ ? String() : GetMedium()->GetName())))) ++ { ++ nSet = LM_ON_DEMAND; ++ } ++ if (nCanUpdate == com::sun::star::document::UpdateDocMode::QUIET_UPDATE ++ && nSet == LM_ON_DEMAND) ++ { ++ nSet = LM_NEVER; ++ } + + if(nSet==LM_ON_DEMAND) + { +diff --git a/sw/source/core/doc/docnew.cxx b/sw/source/core/doc/docnew.cxx +index cdf5def..e40671b 100644 +--- a/sw/source/core/doc/docnew.cxx ++++ b/sw/source/core/doc/docnew.cxx +@@ -114,6 +114,7 @@ + + #include + #include // MetaFieldManager ++#include + + using namespace ::com::sun::star; + using namespace ::com::sun::star::document; +@@ -924,6 +925,15 @@ void SwDoc::UpdateLinks( sal_Bool bUI ) + case document::UpdateDocMode::QUIET_UPDATE:bAskUpdate = sal_False; break; + case document::UpdateDocMode::FULL_UPDATE: bAskUpdate = sal_True; break; + } ++ if (nLinkMode == AUTOMATIC && !bAskUpdate) ++ { ++ SfxMedium * medium = GetDocShell()->GetMedium(); ++ if (!SvtSecurityOptions().isTrustedLocationUriForUpdatingLinks( ++ rtl::OUString(medium == nullptr ? 
String() : medium->GetName()))) ++ { ++ bAskUpdate = true; ++ } ++ } + if( bUpdate && (bUI || !bAskUpdate) ) + { + SfxMedium* pMedium = GetDocShell()->GetMedium(); +diff --git a/sw/source/filter/xml/xmlimp.cxx b/sw/source/filter/xml/xmlimp.cxx +index ca700d0..36b3fa9 100644 +--- a/sw/source/filter/xml/xmlimp.cxx ++++ b/sw/source/filter/xml/xmlimp.cxx +@@ -1126,42 +1126,42 @@ void SwXMLImport::SetConfigurationSettings(const Sequence < PropertyValue > & aC + if( !xInfo.is() ) + return; + +- boost::unordered_set< String, StringHashRef, StringEqRef > aSet; +- aSet.insert(String("ForbiddenCharacters", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("IsKernAsianPunctuation", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("CharacterCompressionType", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("LinkUpdateMode", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("FieldAutoUpdate", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("ChartAutoUpdate", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("AddParaTableSpacing", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("AddParaTableSpacingAtStart", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintAnnotationMode", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintBlackFonts", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintControls", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintDrawings", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintGraphics", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintLeftPages", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintPageBackground", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintProspect", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintReversed", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintRightPages", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintFaxName", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintPaperFromSetup", RTL_TEXTENCODING_ASCII_US)); +- 
aSet.insert(String("PrintTables", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintSingleJobs", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("UpdateFromTemplate", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrinterIndependentLayout", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("PrintEmptyPages", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("SmallCapsPercentage66", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("TabOverflow", RTL_TEXTENCODING_ASCII_US)); +- aSet.insert(String("UnbreakableNumberings", RTL_TEXTENCODING_ASCII_US)); ++ boost::unordered_set< String, StringHashRef, StringEqRef > aExcludeAlways; ++ aExcludeAlways.insert(String("LinkUpdateMode", RTL_TEXTENCODING_ASCII_US)); ++ boost::unordered_set< String, StringHashRef, StringEqRef > aExcludeWhenNotLoadingUserSettings; ++ aExcludeWhenNotLoadingUserSettings.insert(String("ForbiddenCharacters", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("IsKernAsianPunctuation", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("CharacterCompressionType", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("FieldAutoUpdate", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("ChartAutoUpdate", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("AddParaTableSpacing", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("AddParaTableSpacingAtStart", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintAnnotationMode", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintBlackFonts", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintControls", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintDrawings", RTL_TEXTENCODING_ASCII_US)); ++ 
aExcludeWhenNotLoadingUserSettings.insert(String("PrintGraphics", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintLeftPages", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintPageBackground", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintProspect", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintReversed", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintRightPages", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintFaxName", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintPaperFromSetup", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintTables", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintSingleJobs", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("UpdateFromTemplate", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrinterIndependentLayout", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("PrintEmptyPages", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("SmallCapsPercentage66", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("TabOverflow", RTL_TEXTENCODING_ASCII_US)); ++ aExcludeWhenNotLoadingUserSettings.insert(String("UnbreakableNumberings", RTL_TEXTENCODING_ASCII_US)); + + sal_Int32 nCount = aConfigProps.getLength(); + const PropertyValue* pValues = aConfigProps.getConstArray(); + + SvtSaveOptions aSaveOpt; +- sal_Bool bIsUserSetting = aSaveOpt.IsLoadUserSettings(), +- bSet = bIsUserSetting; ++ sal_Bool bIsUserSetting = aSaveOpt.IsLoadUserSettings(); + + // for some properties we don't want to use the application + // default if they're missing. 
So we watch for them in the loop +@@ -1198,12 +1198,12 @@ void SwXMLImport::SetConfigurationSettings(const Sequence < PropertyValue > & aC + + while( nCount-- ) + { +- if( !bIsUserSetting ) ++ bool bSet = aExcludeAlways.find(pValues->Name) == aExcludeAlways.end(); ++ if( bSet && !bIsUserSetting ++ && (aExcludeWhenNotLoadingUserSettings.find(pValues->Name) ++ != aExcludeWhenNotLoadingUserSettings.end()) ) + { +- // test over the hash value if the entry is in the table. +- String aStr(pValues->Name); +- +- bSet = aSet.find(aStr) == aSet.end(); ++ bSet = false; + } + + if( bSet ) +diff --git a/unotools/inc/unotools/securityoptions.hxx b/unotools/inc/unotools/securityoptions.hxx +index fd1b7c7..c7b495a 100644 +--- a/unotools/inc/unotools/securityoptions.hxx ++++ b/unotools/inc/unotools/securityoptions.hxx +@@ -192,6 +192,9 @@ class UNOTOOLS_DLLPUBLIC SvtSecurityOptions: public utl::detail::Options + ::com::sun::star::uno::Sequence< ::rtl::OUString > GetSecureURLs( ) const ; + void SetSecureURLs( const ::com::sun::star::uno::Sequence< ::rtl::OUString >& seqURLList ) ; + ++ bool isTrustedLocationUri(rtl::OUString const & uri) const; ++ bool isTrustedLocationUriForUpdatingLinks(rtl::OUString const & uri) const; ++ + /*-****************************************************************************************************//** + @short interface methods to get and set value of config key "org.openoffice.Office.Common/Security/Scripting/StarOfficeBasic" + @descr These value determines how StarOffice Basic scripts should be handled. 
+diff --git a/unotools/source/config/securityoptions.cxx b/unotools/source/config/securityoptions.cxx +index 71ca268..59db9b8 100644 +--- a/unotools/source/config/securityoptions.cxx ++++ b/unotools/source/config/securityoptions.cxx +@@ -39,6 +39,7 @@ + #include + + #include ++#include + + #include + #include "itemholder1.hxx" +@@ -133,6 +134,7 @@ using namespace ::com::sun::star::uno ; + + class SvtSecurityOptions_Impl : public ConfigItem + { ++ friend class SvtSecurityOptions; + //------------------------------------------------------------------------------------------------------------- + // public methods + //------------------------------------------------------------------------------------------------------------- +@@ -189,8 +191,10 @@ class SvtSecurityOptions_Impl : public ConfigItem + + Sequence< OUString > GetSecureURLs ( ) const ; + void SetSecureURLs ( const Sequence< OUString >& seqURLList ) ; ++ + sal_Bool IsSecureURL ( const OUString& sURL, + const OUString& sReferer ) const ; ++ + inline sal_Int32 GetMacroSecurityLevel ( ) const ; + void SetMacroSecurityLevel ( sal_Int32 _nLevel ) ; + +@@ -928,6 +932,30 @@ sal_Bool SvtSecurityOptions_Impl::IsSecureURL( const OUString& sURL , + return bState; + } + ++bool SvtSecurityOptions::isTrustedLocationUri(OUString const & uri) const { ++ MutexGuard g(GetInitMutex()); ++ for (sal_Int32 i = 0; i != m_pDataContainer->m_seqSecureURLs.getLength(); ++ ++i) ++ { ++ if (utl::UCBContentHelper::IsSubPath( ++ m_pDataContainer->m_seqSecureURLs[i], uri)) ++ { ++ return true; ++ } ++ } ++ return false; ++} ++ ++bool SvtSecurityOptions::isTrustedLocationUriForUpdatingLinks( ++ OUString const & uri) const ++{ ++ const OUString uristart = uri.copy(0, 8); ++ return GetMacroSecurityLevel() == 0 || uri.isEmpty() ++ || uristart.equalsIgnoreAsciiCaseAsciiL("private:", 8) ++ || isTrustedLocationUri(uri); ++} ++ ++ + inline sal_Int32 SvtSecurityOptions_Impl::GetMacroSecurityLevel() const + { + return m_nSecLevel; diff -Nru 
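Review bot: In `SvtSecurityOptions::isTrustedLocationUriForUpdatingLinks` (securityoptions.cxx) `uri.copy(0, 8)` is evaluated before the `uri.isEmpty()` test, and both new callers in docsh4.cxx and docnew.cxx pass an empty string when the medium is null. As far as I know `OUString::copy(beginIndex, count)` expects the requested range to lie inside the string, so a URI shorter than eight characters would be read past its buffer. Dropping the temporary and testing the prefix with a bounded match avoids that: `|| uri.matchIgnoreAsciiCaseAsciiL("private:", 8)`. Separately, a one-line comment on why `GetMacroSecurityLevel() == 0` treats every location as trusted for link updates would help the next reader of this policy check.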
libreoffice-3.5.7/debian/patches/pstatus-vector.diff libreoffice-3.5.7/debian/patches/pstatus-vector.diff --- libreoffice-3.5.7/debian/patches/pstatus-vector.diff 1970-01-01 00:00:00.000000000 +0000 +++ libreoffice-3.5.7/debian/patches/pstatus-vector.diff 2015-09-18 12:57:58.000000000 +0000 
@@ -0,0 +1,87 @@ +From 2b84a22a0d84e5d07cbaa0a406eec15fd5fb10ec Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= +Date: Thu, 13 Aug 2015 10:58:06 +0100 +Subject: [PATCH] convert pStatus to vector and use at to check offsets + +(cherry picked from commit ea70088895ed45dc60abf18319acc1b4fa3018dd) + +Change-Id: I5186f6a65bb9d5ed8a0d1ab1d71f7e2c13865411 +Reviewed-on: https://gerrit.libreoffice.org/17695 +Reviewed-by: David Tardon +Tested-by: David Tardon +DebianPatchName: pstatus-vector.diff +--- + sw/source/filter/ww8/ww8scan.cxx | 16 ++++++++-------- + sw/source/filter/ww8/ww8scan.hxx | 4 ++-- + 2 files changed, 10 insertions(+), 10 deletions(-) + +diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx +index 06993b4..3d862c8 100644 +--- a/sw/source/filter/ww8/ww8scan.cxx ++++ b/sw/source/filter/ww8/ww8scan.cxx +@@ -3972,7 +3972,7 @@ void WW8ReadSTTBF(bool bVer8, SvStream& rStrm, sal_uInt32 nStart, sal_Int32 nLen + } + + WW8PLCFx_Book::WW8PLCFx_Book(SvStream* pTblSt, const WW8Fib& rFib) +- : WW8PLCFx(rFib.GetFIBVersion(), false), pStatus(0), nIsEnd(0), nBookmarkId(1) ++ : WW8PLCFx(rFib.GetFIBVersion(), false), nIsEnd(0), nBookmarkId(1) + { + if( !rFib.fcPlcfbkf || !rFib.lcbPlcfbkf || !rFib.fcPlcfbkl || + !rFib.lcbPlcfbkl || !rFib.fcSttbfbkmk || !rFib.lcbSttbfbkmk ) +@@ -3997,14 +3997,12 @@ WW8PLCFx_Book::WW8PLCFx_Book(SvStream* pTblSt, const WW8Fib& rFib) + nIMax = pBook[0]->GetIMax(); + if( pBook[1]->GetIMax() < nIMax ) + nIMax = pBook[1]->GetIMax(); +- pStatus = new eBookStatus[ nIMax ]; +- memset( pStatus, 0, nIMax * sizeof( eBookStatus ) ); ++ aStatus.resize(nIMax); + } + } + + WW8PLCFx_Book::~WW8PLCFx_Book() + { +- delete[] pStatus; + delete pBook[1]; + delete pBook[0]; + } +@@ -4118,16 +4116,18 @@ long WW8PLCFx_Book::GetLen() const + + void WW8PLCFx_Book::SetStatus(sal_uInt16 nIndex, eBookStatus eStat ) + { +- OSL_ENSURE(nIndex < nIMax, "set status of non existing bookmark!"); +- pStatus[nIndex] = (eBookStatus)( 
pStatus[nIndex] | eStat ); ++ SAL_WARN_IF(nIndex >= nIMax, "sw.ww8", ++ "bookmark index " << nIndex << " invalid"); ++ eBookStatus eStatus = aStatus.at(nIndex); ++ aStatus[nIndex] = static_cast(eStatus | eStat); + } + + eBookStatus WW8PLCFx_Book::GetStatus() const + { +- if( !pStatus ) ++ if (aStatus.empty()) + return BOOK_NORMAL; + long nEndIdx = GetHandle(); +- return ( nEndIdx < nIMax ) ? pStatus[nEndIdx] : BOOK_NORMAL; ++ return ( nEndIdx < nIMax ) ? aStatus[nEndIdx] : BOOK_NORMAL; + } + + long WW8PLCFx_Book::GetHandle() const +diff --git a/sw/source/filter/ww8/ww8scan.hxx b/sw/source/filter/ww8/ww8scan.hxx +index a323b84..e9df6cb2 100644 +--- a/sw/source/filter/ww8/ww8scan.hxx ++++ b/sw/source/filter/ww8/ww8scan.hxx +@@ -703,8 +703,8 @@ class WW8PLCFx_Book : public WW8PLCFx + { + private: + WW8PLCFspecial* pBook[2]; // Start and End Position +- ::std::vector aBookNames; // Name +- eBookStatus* pStatus; ++ std::vector aBookNames; // Name ++ std::vector aStatus; + long nIMax; // Number of Booknotes + sal_uInt16 nIsEnd; + int nBookmarkId; // counter incremented by GetUniqueBookmarkName. +-- +1.9.1 + diff -Nru libreoffice-3.5.7/debian/patches/series libreoffice-3.5.7/debian/patches/series --- libreoffice-3.5.7/debian/patches/series 2015-04-21 16:20:31.000000000 +0000 +++ libreoffice-3.5.7/debian/patches/series 2015-09-18 12:57:58.000000000 +0000 @@ -64,3 +64,7 @@ i125386.diff check-if-reads-were-successful.diff tdf-86449.diff +LinkUpdateMode-is-a-global-setting.diff +ww8dontwrap.diff +coverity-1266485.diff +pstatus-vector.diff diff -Nru libreoffice-3.5.7/debian/patches/ww8dontwrap.diff libreoffice-3.5.7/debian/patches/ww8dontwrap.diff --- libreoffice-3.5.7/debian/patches/ww8dontwrap.diff 1970-01-01 00:00:00.000000000 +0000 +++ libreoffice-3.5.7/debian/patches/ww8dontwrap.diff 2015-09-18 12:57:58.000000000 +0000 
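Review bot: `WW8PLCFx_Book::GetStatus` in ww8scan.cxx still indexes `aStatus[nEndIdx]` unchecked, guarded only by `nEndIdx < nIMax`, while `SetStatus` in the same hunk was moved to `at()`. `nEndIdx` is a signed `long` taken from `GetHandle()`, whose body is outside the hunk, so a negative value or an `nIMax` that disagrees with the vector's size would not be caught; bounding on the container itself is safer: `return (nEndIdx >= 0 && static_cast<size_t>(nEndIdx) < aStatus.size()) ? aStatus[nEndIdx] : BOOK_NORMAL;`. `SetStatus` now throws `std::out_of_range` on a bad index, which deserves a comment naming where the import code is expected to catch it. In the constructor, `aStatus.resize(nIMax)` takes a signed `long` derived from the file, so a non-negative check before the resize is worth adding if `GetIMax()` can return a negative value.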
@@ -0,0 +1,35 @@
+From d0e1f7de2313d2fc6d50ace007d81c654fd27c43 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?=
+Date: Mon, 13 Jul 2015 10:31:30 +0100
+Subject: [PATCH] ww8: make sure we don't wrap around
+
+(cherry picked from commit 755b9320c81948358a1d4104c8875594b5700d39)
+Reviewed-on: https://gerrit.libreoffice.org/16981
+Reviewed-by: David Tardon
+Tested-by: David Tardon
+
+Change-Id: I667bb264f92024b72f230c2ddbba3887471345f2
+DebianPatchName: ww8dontwrap.diff
+---
+ sw/source/filter/ww8/ww8scan.cxx | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/sw/source/filter/ww8/ww8scan.cxx b/sw/source/filter/ww8/ww8scan.cxx
+index b149478..06993b4 100644
+--- a/sw/source/filter/ww8/ww8scan.cxx
++++ b/sw/source/filter/ww8/ww8scan.cxx
+@@ -1538,7 +1538,11 @@ WW8PLCFpcd* WW8ScannerBase::OpenPieceTable( SvStream* pStr, const WW8Fib* pWwF )
+ if( 2 == clxt ) // PLCFfpcd ?
+ break; // PLCFfpcd gefunden
+ if( 1 == clxt ) // clxtGrpprl ?
++ {
++ if (nGrpprl == SHRT_MAX)
++ return NULL;
+ nGrpprl++;
++ }
+ sal_uInt16 nLen(0);
+ *pStr >> nLen;
+ nLeft -= 2 + nLen;
+--
+1.9.1
+
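Review bot: The new `if (nGrpprl == SHRT_MAX) return NULL;` guard in `WW8ScannerBase::OpenPieceTable` is only correct while `nGrpprl` is a `short`; its declaration is outside the hunk, and nothing in the hunk adds an include that defines `SHRT_MAX`. A comment such as `// nGrpprl is a short counter: stop parsing rather than let an oversized piece table wrap it` would record why the import bails out here and would flag the guard for whoever changes the counter's type. It is also worth confirming that returning NULL at this point is handled by the caller the same way as the function's other failure returns, which are not visible in this hunk.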