Publishing details
-
Removed from disk
.
-
Removal requested
.
-
Superseded
by libreoffice - 1:5.1.6~rc2-0ubuntu1~xenial6
-
Published
-
Copied from
ubuntu xenial in
PPA for Ubuntu Security Proposed
by Chris Coulson
Changelog
libreoffice (1:5.1.6~rc2-0ubuntu1~xenial3) xenial-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: remote arbitrary file disclosure vulnerability using
WEBSERVICE
- debian/patches/CVE-2018-6871-1.patch: limit WEBSERVICE to http[s]
protocols.
- debian/patches/CVE-2018-6871-2.patch: better handle ScDde formulas
with missing dde-link entries.
- debian/patches/CVE-2018-6871-3.patch: handle ocWebservice similarly
to ocDde.
- debian/patches/CVE-2018-6871-4.patch: CheckLinkFormulaNeedingCheck()
for .xls and .xlsx formula cells.
- debian/patches/CVE-2018-6871-5.patch: CheckLinkFormulaNeedingCheck()
for conditional format expressions
- debian/patches/CVE-2018-6871-6.patch: CheckLinkFormulaNeedingCheck()
for named expressions
- debian/patches/CVE-2018-6871-7.patch: fix for DDE link update via
Function Wizard
- CVE-2018-6871
* SECURITY UPDATE: use-after-free in SwRootFrame
- debian/patches/layout-footnote-use-after-free.diff: fix layout
footnote use-after-free in SwRootFrame.
- No CVE number.
-- Olivier Tilloy <email address hidden> Sat, 17 Feb 2018 22:55:08 +0100
Builds
Package files