dgit.raspbian.org Git - libreoffice.git/commit

author	Caolán McNamara <caolanm@redhat.com>
	Mon, 21 Mar 2022 20:58:34 +0000 (20:58 +0000)
committer	Rene Engelhard <rene@debian.org>
	Sat, 25 Mar 2023 13:04:55 +0000 (13:04 +0000)
commit	ecd8dc8dd5d8d8041d66f7eff8c67a509c047626
tree	6d7b6e5792ed63913a033e59b432fe97f420432f	tree \| snapshot
parent	080ca37149e729dff580b2c486cf33872d040900	commit \| diff

[PATCH 2/4] CVE-2022-26307 make hash encoding match decoding

Seeing as old versions of the hash may be in the users config, add a
StorageVersion field to the office config Passwords section which
defaults to 0 to indicate the old hash is in use.

Try the old varient when StorageVersion is 0. When a new encoded master
password it set write StorageVersion of 1 to indicate a new hash is in
use and use the new style when StorageVersion is 1.

Change-Id: I3174c37a5891bfc849984e0ec5c2c392b9c6e7b1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132080
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit e890f54dbac57f3ab5acf4fbd31222095d3e8ab6)

Gbp-Pq: Name 0002-CVE-2022-26307-make-hash-encoding-match-decoding.patch

officecfg/registry/schema/org/openoffice/Office/Common.xcs		diff \| blob \| history
svl/source/passwordcontainer/passwordcontainer.cxx		diff \| blob \| history
svl/source/passwordcontainer/passwordcontainer.hxx		diff \| blob \| history
uui/source/iahndl-authentication.cxx		diff \| blob \| history