- libreoffice (1:7.0.4-4+rpi1+deb11u11) bullseye-staging; urgency=medium
++libreoffice (1:7.0.4-4+rpi1+deb11u12) bullseye-staging; urgency=medium
+
+ [changes brought forward from 1:6.0.2-1+rpi2 by Peter Michael Green <plugwash@raspbian.org> at Fri, 27 Apr 2018 02:14:18 +0000]
+ * Disable testsuite.
+
+ [changes introduced in 1:5.4.0-1+rpi1 by Peter Michael Green]
+ * Disable pdfium, it fails to build for armv6
+
- -- Raspbian forward porter <root@raspbian.org> Thu, 17 Oct 2024 15:49:13 +0000
++ -- Raspbian forward porter <root@raspbian.org> Sat, 18 Jan 2025 20:05:39 +0000
++
+ libreoffice (1:7.0.4-4+deb11u12) bullseye-security; urgency=medium
+
+ * LTS team upload
+ * Fix CVE-2024-12425:
+ Path traversal leading to arbitrary .ttf file write
+ Various file formats can contain embedded font files which
+ are extracted to temporary files which are added to
+ LibreOffice's font lists.
+ Prior to this fix, an attacker could craft a document
+ with embedded font file path names which could cause
+ LibreOffice to write the contents of the embedded font
+ to a filename in an arbitrary location the user has
+ permission to write to. Albeit always with a
+ ".ttf" suffix.
+ * Fix CVE-2024-12426
+ URL fetching can be used to exfiltrate arbitrary INI
+ file values and environment variables
+ URLs could be constructed which expanded environmental
+ variables or INI file values, so potentially sensitive
+ information could be exfiltrated to a remote server on
+ opening a document containing such links.
+ Prior to this fix, documents could include links that
+ made use of an internal feature that expands environmental
+ variables and INI file values in URLS. In the fixed version,
+ the expansion feature is not available in document hosted urls.
+ * Remove CJK test that fail on some builder (flaky test)
+
+ -- Bastien Roucariès <rouca@debian.org> Mon, 13 Jan 2025 22:18:17 +0000
libreoffice (1:7.0.4-4+deb11u11) bullseye-security; urgency=medium
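Review bot: the new 1:7.0.4-4+rpi1+deb11u12 entry only lists the two carried-forward Raspbian changes ("Disable testsuite", "Disable pdfium") and never states that it is a rebase onto 1:7.0.4-4+deb11u12, so a reader of the Raspbian changelog has to scroll into the merged Debian entry to learn that this upload carries the CVE-2024-12425 (embedded-font path traversal writing arbitrary ".ttf" files) and CVE-2024-12426 (environment variable / INI value exfiltration via URL expansion) fixes; add a line such as "Rebase onto 1:7.0.4-4+deb11u12 (CVE-2024-12425, CVE-2024-12426)" under the new version. Two checks before upload: since the Raspbian build disables the testsuite, the "Remove CJK test that fail on some builder" change and any regression tests shipped with the CVE patches will not run here, so confirm by inspection that both CVE patches are still listed in debian/patches/series and apply cleanly with pdfium disabled; and the doubled "++" prefix on the version line, the trailer line and the blank line after it differs from the "+ " prefix used on every other added line, which suggests a nested diff or a copy/paste artifact worth straightening before this is committed as the changelog diff.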