- libreoffice (1:7.0.4-4+rpi1+deb11u10) bullseye-staging; urgency=medium
++libreoffice (1:7.0.4-4+rpi1+deb11u11) bullseye-staging; urgency=medium
+
+ [changes brought forward from 1:6.0.2-1+rpi2 by Peter Michael Green <plugwash@raspbian.org> at Fri, 27 Apr 2018 02:14:18 +0000]
+ * Disable testsuite.
+
+ [changes introduced in 1:5.4.0-1+rpi1 by Peter Michael Green]
+ * Disable pdfium, it fails to build for armv6
+
- -- Raspbian forward porter <root@raspbian.org> Thu, 15 Aug 2024 16:46:51 +0000
++ -- Raspbian forward porter <root@raspbian.org> Thu, 17 Oct 2024 15:49:13 +0000
++
+ libreoffice (1:7.0.4-4+deb11u11) bullseye-security; urgency=medium
+
+ * LTS team upload
+ * Fix CVE-2024-7788:
+ Various file formats used by libreoffice are based on
+ the zip file format.
+ In cases of corruption of the underlying zip's central
+ directory, LibreOffice offers a "repair mode" which will
+ attempt to recover the zip file structure by scanning for
+ secondary local file headers in the zip to reconstruct
+ the document.
+ Prior to this fix, in the case of digitally signed zip
+ files, an attacker could construct a document which,
+ when repaired, reported a signature status not valid
+ for the recovered file.
+ Previously if verification failed the user could
+ choose to ignore the failure and enable the macros anyway.
+ Repair document mode has to be inherently tolerant,
+ so now in fixed versions all signatures are implied
+ to be invalid in recovery mode.
+
+ -- Bastien Roucariès <rouca@debian.org> Sat, 28 Sep 2024 13:36:47 +0000
libreoffice (1:7.0.4-4+deb11u10) bullseye-security; urgency=medium
projects / libreoffice.git / commitdiff