From: Raspbian automatic forward porter <root@raspbian.org>
Date: Sun, 1 Jun 2025 07:14:55 +0000 (+0100)
Subject: Merge version 1:7.0.4-4+rpi1+deb11u12 and 1:7.0.4-4+deb11u13 to produce 1:7.0.4-4... 
X-Git-Tag: archive/raspbian/1%7.0.4-4+rpi1+deb11u13^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=ea7f809c631bc5e8944143fc09f0a8f57092bf73;p=libreoffice.git

Merge version 1:7.0.4-4+rpi1+deb11u12 and 1:7.0.4-4+deb11u13 to produce 1:7.0.4-4+rpi1+deb11u13
---

ea7f809c631bc5e8944143fc09f0a8f57092bf73
diff --cc debian/changelog
index 09cf7758c4a,b22e274fbe5..dc55dae548e
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,12 -1,14 +1,24 @@@
- libreoffice (1:7.0.4-4+rpi1+deb11u12) bullseye-staging; urgency=medium
++libreoffice (1:7.0.4-4+rpi1+deb11u13) bullseye-staging; urgency=medium
 +
 +  [changes brought forward from 1:6.0.2-1+rpi2 by Peter Michael Green <plugwash@raspbian.org> at Fri, 27 Apr 2018 02:14:18 +0000]
 +  * Disable testsuite.
 +
 +  [changes introduced in 1:5.4.0-1+rpi1 by Peter Michael Green]
 +  * Disable pdfium, it fails to build for armv6
 +
-  -- Raspbian forward porter <root@raspbian.org>  Sat, 18 Jan 2025 20:05:39 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Sun, 01 Jun 2025 07:14:53 +0000
++
+ libreoffice (1:7.0.4-4+deb11u13) bullseye-security; urgency=medium
+ 
+   * Non-maintainer upload by the Debian LTS team.
+   * d/patches/CVE-2025-1080.patch: Add patch to fix CVE-2025-1080.
+     - Filter out more unwanted command URIs to fix an arbitrary script
+       execution via protocol.
+   * d/patches/CVE-2025-2866.patch: Add patch to fix CVE-2025-2866.
+     - For PDF signatures with SubFilter == adbe.pkcs7.sha1, verify the
+       actual (public-key) signature after the hash values compare equal.
+ 
+  -- Daniel Leidert <dleidert@debian.org>  Sat, 31 May 2025 05:25:27 +0200
  
  libreoffice (1:7.0.4-4+deb11u12) bullseye-security; urgency=medium