libreoffice (1:7.3.7-0ubuntu0.22.04.7) jammy-security; urgency=medium
* SECURITY UPDATE: Signatures in "repair mode" should not be trusted
- debian/patches/CVE-2024-7788.patch: sfx2: SfxObjectShell should
not trust any signature on repaired package
- CVE-2024-7788
-- Rico Tzschichholz <ricotz@ubuntu.com> Wed, 18 Sep 2024 17:10:51 +0200
libreoffice (1:7.3.7-0ubuntu0.22.04.6) jammy-security; urgency=medium
* SECURITY UPDATE: Ability to trust not validated macro signatures
removed in high security mode (LP: #2076130)
- debian/patches/CVE-2024-6472.patch: remove ability to trust not
validated macro signatures in high security
- CVE-2024-6472
-- Rico Tzschichholz <ricotz@ubuntu.com> Mon, 05 Aug 2024 21:22:27 +0200
libreoffice (1:7.3.7-0ubuntu0.22.04.5) jammy-security; urgency=medium
* SECURITY UPDATE: Graphic on-click binding allows unchecked script
execution
- debian/patches/CVE-2024-3044.patch: add notify for script use
- CVE-2024-3044
-- Rico Tzschichholz <ricotz@ubuntu.com> Wed, 15 May 2024 09:06:02 +0200
libreoffice (1:7.3.7-0ubuntu0.22.04.4) jammy-security; urgency=medium
* SECURITY UPDATE: Improper input validation enabling arbitrary Gstreamer
pipeline injection
- debian/patches/CVE-2023-6185.patch: escape url passed to gstreamer
- CVE-2023-6185
* SECURITY UPDATE: Link targets allow arbitrary script execution
- debian/patches/CVE-2023-6186-*.patch: multiple commits to fix
security issues.
- CVE-2023-6186
* patches/CppunitTest_desktop_lib-adjust-asserts-so-this-works.patch:
- Usage of expired certificates in CppunitTest_desktop_lib:
adjust asserts so this works again
-- Rico Tzschichholz <ricotz@ubuntu.com> Mon, 11 Dec 2023 15:19:13 +0100
libreoffice (1:7.3.7-0ubuntu0.22.04.3) jammy-security; urgency=high
* SECURITY UPDATE: Remote documents loaded without prompt via IFrame
- debian/patches/CVE-2023-2255-*.patch: multiple commits to fix
security issues.
- CVE-2023-2255
* SECURITY UPDATE: Array Index UnderFlow in Calc Formula Parsing
- debian/patches/CVE-2023-0950.patch: Obtain actual 0-parameter count
for OR(), AND() and 1-parameter functions
- CVE-2023-0950
-- Rico Tzschichholz <ricotz@ubuntu.com> Thu, 25 May 2023 22:52:23 +0200
libreoffice (1:7.3.7-0ubuntu0.22.04.2) jammy; urgency=medium
* Cherry picked bug fixes release (LP: #2003335)
* Don’t set language to none on defined styles (tdf#126657, tdf#145104)
- ubuntu-0002-tdf-126657-tdf-145104-Don-t-set-language-to-none-on-.patch
* Fix bug in copying table where we need to create a primary key
- ubuntu-0003-Fix-bug-in-copying-table-where-we-need-to-create-a-p.patch
- ubuntu-0004-error-when-copying-table-and-the-copy-table-wizard-c.patch
- ubuntu-0005-make-ValueTransfer-easier-to-understand.patch
* Switch default currency HRK Croatian Kuna to EUR Euro
- ubuntu-0006-Related-tdf-150011-Add-HRK-Croatian-Kuna-to-Euro-con.patch
- ubuntu-0007-Resolves-tdf-150011-Switch-default-currency-HRK-Croa.patch
-- Rico Tzschichholz <ricotz@ubuntu.com> Thu, 02 Feb 2023 12:42:49 +0100
libreoffice (1:7.3.7-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream release (LP: #1995054)
[ Rico Tzschichholz ]
* Bump yaru source to "2022-09-04"
[ Rene Engelhard ]
* debian/rules:
- add missing >&3 to ufcq calls in bug scripts
- fix build-depends-on-obsolete-package
(s/libfreetype6-dev/libfreetype-dev/,
s/libfontconfig1-dev/libfontconfig-dev/)
- don't add Graphics; to draws .desktop, it's already there
-- Rico Tzschichholz <ricotz@ubuntu.com> Thu, 27 Oct 2022 12:34:13 +0200
libreoffice (1:7.3.6-0ubuntu0.22.04.2) jammy-security; urgency=medium
* SECURITY UPDATE: arbitrary script execution via Office URI Schemes
- debian/patches/CVE-2022-3140-4.patch: check impress/calc IFrame
FrameURL target in xmloff/source/draw/ximpshap.cxx.
- CVE-2022-3140
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 18 Oct 2022 07:19:40 -0400
libreoffice (1:7.3.6-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream release (LP: #1988744)
[ Rico Tzschichholz ]
* Bump yaru source to "2022-08-15"
* debian/patches/tdf-108560-horribly-slow-to-paste-many-lines-into-ed.patch:
- Calc very slow to open/save documents with large cell contents
[ Rene Engelhard ]
* debian/libreoffice-common.preinst.in,debian/rules,
debian/shell-lib-extensions.sh:
- Broken libreoffice trigger and /usr/lib/libreoffice/share/extensions
missing; libreoffice fails to start when last extension is removed
(/usr/lib/libreoffice/share/extensions being a 0-byte file)
-- Rico Tzschichholz <ricotz@ubuntu.com> Mon, 05 Sep 2022 16:18:50 +0200
libreoffice (1:7.3.5-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream release (LP: #1981966)
-- Rico Tzschichholz <ricotz@ubuntu.com> Sat, 16 Jul 2022 12:39:11 +0200
# For older changelog entries, run 'apt-get changelog libunoloader-java'
Generated by dwww version 1.14 on Sat Jan 18 04:36:48 CET 2025.