dgit.raspbian.org Git - libreoffice.git/commit

author	Caolán McNamara <caolanm@redhat.com>
	Mon, 21 Mar 2022 20:58:34 +0000 (20:58 +0000)
committer	Bastien Roucariès <rouca@debian.org>
	Sat, 28 Sep 2024 13:36:47 +0000 (13:36 +0000)
commit	beba68687086e0608c3b813501a3fd259d14af89
tree	eb2c76a10e6a532d07049da94a7e3be1fb95d8c1	tree \| snapshot
parent	d2393ca4b328b735afd28b7368a25bc3612d407c	commit \| diff

[PATCH 2/4] CVE-2022-26307 make hash encoding match decoding

Seeing as old versions of the hash may be in the users config, add a
StorageVersion field to the office config Passwords section which
defaults to 0 to indicate the old hash is in use.

Try the old varient when StorageVersion is 0. When a new encoded master
password it set write StorageVersion of 1 to indicate a new hash is in
use and use the new style when StorageVersion is 1.

Change-Id: I3174c37a5891bfc849984e0ec5c2c392b9c6e7b1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132080
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit e890f54dbac57f3ab5acf4fbd31222095d3e8ab6)

Gbp-Pq: Name 0002-CVE-2022-26307-make-hash-encoding-match-decoding.patch

officecfg/registry/schema/org/openoffice/Office/Common.xcs		diff \| blob \| history
svl/source/passwordcontainer/passwordcontainer.cxx		diff \| blob \| history
svl/source/passwordcontainer/passwordcontainer.hxx		diff \| blob \| history
uui/source/iahndl-authentication.cxx		diff \| blob \| history