Ubuntu
koffice package

Change logs for koffice source package in Feisty

  1. Feisty (7.04)
  2. Change log 
  • koffice (1:1.6.3-0ubuntu1~feisty1) feisty-backports; urgency=low

  * New upstream release
  * Build-dep on libexif-dev
  * Backport build

 -- Jonathan Riddell <email address hidden>   Fri, 01 Jun 2007 12:38:57 +0100
  • koffice (1:1.6.2-0ubuntu1.3) feisty-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
  * debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
    added.
  * References
    CVE-2008-1693

 -- Kees Cook <email address hidden>   Tue, 15 Apr 2008 14:04:47 -0700
  • koffice (1:1.6.2-0ubuntu1.2) feisty-security; urgency=low

  * SECURITY UPDATE: multiple xpdf based vulnerabilities
  * Remotely supplied pdf files can be used to disrupt the koffice PDF
    import filter on the client machine and possibly execute arbitrary code.
  * Add debian/patches/kubuntu_02_xpdf2-CVE-2007-4352-5392-5393.diff
    edits filters/kword/pdf/xpdf/xpdf/Stream.cc and .h
  * References
    CVE-2007-4352
    CVE-2007-5392
    CVE-2007-5393
    http://www.kde.org/info/security/advisory-20071107-1.txt

 -- Jonathan Riddell <email address hidden>   Wed, 07 Nov 2007 20:29:32 +0000
  • koffice (1:1.6.2-0ubuntu1.1) feisty-security; urgency=low

  * SECURITY UPDATE: xpdf buffer overflow
    kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
    a vulnerability that can cause a stack based buffer overflow
    via a PDF file that exploits an integer overflow in
    StreamPredictor::StreamPredictor().
  * Add kubuntu_01_xpdf-CVE-2007-3387.diff
    fixes input data check in kpdf/xpdf/xpdf/Stream.cc
  * References
    http://www.kde.org/info/security/advisory-20070730-1.txt
    CVE-2007-3387
  * Add build-dep on libcairo2-dev due to poppler bug

 -- Jonathan Riddell <email address hidden>   Thu, 02 Aug 2007 17:00:06 +0100
  • koffice (1:1.6.2-0ubuntu1) feisty; urgency=low

  * New upstream release

 -- Jonathan Riddell <email address hidden>   Tue, 13 Feb 2007 11:55:03 +0000
  • koffice (1:1.6.1-0ubuntu3) feisty; urgency=low

  * SECURITY UPDATE: kpdf/kword/xpdf denial of service vulnerability
  * kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
    a vulnerability that can cause denial of service (infinite loop)
    via a PDF file that contains a crafted catalog dictionary
    or a crafted Pages attribute that references an invalid page
    tree node.
  * Add kubuntu_07_xpdf_vulnerability.diff
  * References:
    http://www.kde.org/info/security/advisory-20070115-1.txt
    CVE-2007-0104

 -- Jonathan Riddell <email address hidden>   Mon, 15 Jan 2007 19:24:24 +0000
  • koffice (1:1.6.1-0ubuntu2) feisty; urgency=low

  * Rebuild for python2.5 as the default python version.

 -- Matthias Klose <email address hidden>   Sun, 14 Jan 2007 16:26:43 +0000
  • koffice (1:1.6.1-0ubuntu1) feisty; urgency=low

  * New upstream release
  * Add build-depends on libexif-dev, libpoppler-qt-dev
  * Remove 13_krita_fill_tablet.diff, 15_krita_tablet_stylus.diff
    and 17_krita_color_range_crash.diff applied upstream

 -- Jonathan Riddell <email address hidden>   Tue, 21 Nov 2006 13:29:51 +0000
  • koffice (1:1.6.0-3ubuntu1) feisty; urgency=low

  * Merge with Debian

 -- Jonathan Riddell <email address hidden>   Fri, 17 Nov 2006 22:48:27 +0000
  • koffice (1:1.5.2-0ubuntu2) edgy; urgency=low

  * Remove build-dep on libpqxx-dev

 -- Jonathan Riddell <email address hidden>   Tue, 11 Jul 2006 15:30:41 +0000