projects / libreoffice.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 3582c3a d3e45d1)
Merge version 1:7.0.4-4+rpi1+deb11u6 and 1:7.0.4-4+deb11u10 to produce 1:7.0.4-4... archive/raspbian/1%7.0.4-4+rpi1+deb11u10 raspbian/1%7.0.4-4+rpi1+deb11u10
authorRaspbian automatic forward porter <root@raspbian.org>
Thu, 15 Aug 2024 16:46:54 +0000 (17:46 +0100)
committerRaspbian automatic forward porter <root@raspbian.org>
Thu, 15 Aug 2024 16:46:54 +0000 (17:46 +0100)
1  2 
debian/changelog patch | diff1 | diff2 | blob | history

diff --cc debian/changelog
index fc62192b5eb85eb972bb710868e54f8205c05dbb,b9c66d93e49c227b3501dd5fe22a8607fae7bdbb..640013a920a5fd561e23b6af55cb81f39dc1a23c
--- 1/debian/changelog
--- 2/debian/changelog
+++ b/debian/changelog
@@@ -1,12 -1,44 +1,54 @@@
- libreoffice (1:7.0.4-4+rpi1+deb11u6) bullseye-staging; urgency=medium
++libreoffice (1:7.0.4-4+rpi1+deb11u10) bullseye-staging; urgency=medium
 +
 +  [changes brought forward from 1:6.0.2-1+rpi2 by Peter Michael Green <plugwash@raspbian.org> at Fri, 27 Apr 2018 02:14:18 +0000]
 +  * Disable testsuite.
 +
 +  [changes introduced in 1:5.4.0-1+rpi1 by Peter Michael Green]
 +  * Disable pdfium, it fails to build for armv6
 +
-  -- Raspbian forward porter <root@raspbian.org>  Fri, 12 May 2023 10:01:41 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Thu, 15 Aug 2024 16:46:51 +0000
++
+ libreoffice (1:7.0.4-4+deb11u10) bullseye-security; urgency=medium
+   * remove-ability-to-trust-not-validated-macro-signatures-in-high-security.diff:
+     as name says (CVE-2024-6472)
+  -- Rene Engelhard <rene@debian.org>  Thu, 01 Aug 2024 14:16:43 +0200
+ libreoffice (1:7.0.4-4+deb11u9) bullseye-security; urgency=high
+   * debian/patches/add-notify-for-script-use.diff: add fix for
+     CVE-2024-3044 ("Graphic on-click binding allows unchecked script
+     execution")
+  -- Rene Engelhard <rene@debian.org>  Mon, 01 Apr 2024 11:06:03 +0200
+ libreoffice (1:7.0.4-4+deb11u8) bullseye-security; urgency=high
+   * debian/patches/escape-url-passed-to-gstreamer.diff: add from
+     distro/lhm/libreoffice-6-4+backports upstream branch; fixes CVE-2023-6185: 
+     "Improper input validation enabling arbitrary Gstreamer pipeline injection"
+   * debian/patches/improve-macro-checks.diff: add patch which is needed for
+     the following to apply and makes sense to have anyway
+   * debian/patches/floating-frame-targets-unneeded-protocols.diff,
+     debian/patches/warn-about-exotic-protocols-as-well.diff,
+     debian/patches/ignore-LO-special-purpose-hyperlinks-per-default.diff,
+     debian/patches/reuse-AllowedLinkProtocolFromDocument-{1,2}.diff:
+     add from distro/lhm/libreoffice-6-4+backports upstream branch; fixes
+     CVE-2023-6186: "Link targets allow arbitrary script execution"
+   * debian/patches/work-around-expired-certificiate-in-test.diff: add from
+     upstream https://gerrit.libreoffice.org/c/core/+/159909
+  -- Rene Engelhard <rene@debian.org>  Tue, 28 Nov 2023 20:36:58 +0100
+ libreoffice (1:7.0.4-4+deb11u7) bullseye-security; urgency=high
+   * debian/patches/sc-stack-parameter-count.diff: fix CVE-2023-0950
+     ("Array Index UnderFlow in Calc Formula Parsing")
+   * debian/patches/CVE-2023-2255.diff:
+     fix CVE-2023-2255 ("Remote documents loaded without prompt via IFrame")
+  -- Rene Engelhard <rene@debian.org>  Wed, 24 May 2023 20:05:03 +0200
  
  libreoffice (1:7.0.4-4+deb11u6) bullseye; urgency=medium
  
Unnamed repository; edit this file 'description' to name the repository.