- libreoffice (4:7.4.7-1+rpi1) bookworm-staging; urgency=medium
++libreoffice (4:7.4.7-1+rpi1+deb12u2) bookworm-staging; urgency=medium
+
+ [changes brought forward from 1:6.0.2-1+rpi2 by Peter Michael Green <plugwash@raspbian.org> at Fri, 27 Apr 2018 02:14:18 +0000]
+ * Disable testsuite.
+
+ [changes introduced in 1:5.4.0-1+rpi1 by Peter Michael Green]
+ * Disable pdfium, it fails to build for armv6
+
+ [changes introduced in 1:7.2.4-3+rpi1 by Peter Michael Green]
+ * Use clang 11, newer versions cause armv7 contamination issues.
+
- -- Raspbian forward porter <root@raspbian.org> Sat, 29 Jul 2023 11:30:18 +0000
++ -- Raspbian forward porter <root@raspbian.org> Sun, 26 May 2024 13:12:47 +0000
++
+ libreoffice (4:7.4.7-1+deb12u2) bookworm-security; urgency=high
+
+ * debian/patches/add-notify-for-script-use.diff: add fix for
+ CVE-2024-3044 ("Graphic on-click binding allows unchecked script
+ execution")
+
+ -- Rene Engelhard <rene@debian.org> Mon, 01 Apr 2024 11:05:27 +0200
+
+ libreoffice (4:7.4.7-1+deb12u1) bookworm-security; urgency=high
+
+ * debian/patches/escape-url-passed-to-gstreamer.diff: add from
+ libreoffice-7-5; fixes CVE-2023-6185: "Improper input validation
+ enabling arbitrary Gstreamer pipeline injection"
+ * debian/patches/floating-frame-targets-unneeded-protocols.diff,
+ debian/patches/warn-about-exotic-protocols-as-well.diff,
+ debian/patches/ignore-LO-special-purpose-hyperlinks-per-default.diff,
+ debian/patches/reuse-AllowedLinkProtocolFromDocument-{1,2}.diff:
+ add from libreoffice-7-5; fixes CVE-2023-6186: "Link targets allow
+ arbitrary script execution"
+ * debian/patches/work-around-expired-certificiate-in-test.diff: add from
+ upstream https://gerrit.libreoffice.org/c/core/+/159909
+
+ -- Rene Engelhard <rene@debian.org> Tue, 28 Nov 2023 17:39:15 +0000
libreoffice (4:7.4.7-1) bookworm; urgency=medium
projects / libreoffice.git / commitdiff