From: Raspbian automatic forward porter Date: Thu, 17 Oct 2024 15:49:15 +0000 (+0100) Subject: Merge version 1:7.0.4-4+rpi1+deb11u10 and 1:7.0.4-4+deb11u11 to produce 1:7.0.4-4... X-Git-Tag: archive/raspbian/1%7.0.4-4+rpi1+deb11u11 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=186fc6da3e6335916a23eb20ba8e3324a9420219;p=libreoffice.git Merge version 1:7.0.4-4+rpi1+deb11u10 and 1:7.0.4-4+deb11u11 to produce 1:7.0.4-4+rpi1+deb11u11 --- b33dd55f38645ed9f34b97cecc9a769eef21771c diff --cc debian/changelog index 640013a920a,c0504315f63..4f67bc69ab1 --- a/debian/changelog +++ b/debian/changelog @@@ -1,12 -1,25 +1,35 @@@ - libreoffice (1:7.0.4-4+rpi1+deb11u10) bullseye-staging; urgency=medium ++libreoffice (1:7.0.4-4+rpi1+deb11u11) bullseye-staging; urgency=medium + + [changes brought forward from 1:6.0.2-1+rpi2 by Peter Michael Green at Fri, 27 Apr 2018 02:14:18 +0000] + * Disable testsuite. + + [changes introduced in 1:5.4.0-1+rpi1 by Peter Michael Green] + * Disable pdfium, it fails to build for armv6 + - -- Raspbian forward porter Thu, 15 Aug 2024 16:46:51 +0000 ++ -- Raspbian forward porter Thu, 17 Oct 2024 15:49:13 +0000 ++ + libreoffice (1:7.0.4-4+deb11u11) bullseye-security; urgency=medium + + * LTS team upload + * Fix CVE-2024-7788: + Various file formats used by libreoffice are based on + the zip file format. + In cases of corruption of the underlying zip's central + directory, LibreOffice offers a "repair mode" which will + attempt to recover the zip file structure by scanning for + secondary local file headers in the zip to reconstruct + the document. + Prior to this fix, in the case of digitally signed zip + files, an attacker could construct a document which, + when repaired, reported a signature status not valid + for the recovered file. + Previously if verification failed the user could + choose to ignore the failure and enable the macros anyway. + Repair document mode has to be inherently tolerant, + so now in fixed versions all signatures are implied + to be invalid in recovery mode. + + -- Bastien Roucariès Sat, 28 Sep 2024 13:36:47 +0000 libreoffice (1:7.0.4-4+deb11u10) bullseye-security; urgency=medium