Merge version 1:6.1.5-3+rpi1+deb10u10 and 1:6.1.5-3+deb10u11 to produce 1:6.1.5-3+rpi1+deb10u11

Merge libreoffice (1:6.1.5-3+deb10u11) import into refs/heads/workingbranch

CVE-2020-12803 limit forms to http[s]

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93993
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 5d101a65c31e6c2f8dd0edffe05f69055cbd481c)

Conflicts:
forms/source/xforms/submission.cxx

Change-Id: I3ed0bc626f693ec03f610dc7361f93cad914c9d8

origin: https://github.com/LibreOffice/core/commit/ddd7a2f43634bb3e2b2a1978bcf09d8f3fd27bab.patch

Gbp-Pq: Name 0097-CVE-2020-12803-limit-forms-to-http-s.patch

CVE-2020-12801 tdf#93389: keep encryption information for autorecovered MS formats

The autorecovery data is stored in ODF, regardless of the original
document format. When restoring, type detection generates ODF data,
which is stored in the media descriptor attached to document, even
after real filter was restored (see AutoRecovery::implts_openDocs).
If real filter is not ODF, then at the save time, it doesn't find
necessary information in encryption data, and makes not encrypted
package.

This patch adds both MS binary data, and OOXML data, to existing
ODF data for recovered password-protected documents (regardless of
their real filter).

TODO: only add required information to encryption data: pass real
filter name to DocPasswordHelper::requestAndVerifyDocPassword from
AutoRecovery::implts_openDocs.

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86201
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
(cherry picked from commit dd198398b6e5c84ab1255a90ef96e6445b66a64f)

Conflicts:
comphelper/source/misc/docpasswordhelper.cxx

Change-Id: I4717f067ad3c40167312b99eefef5584a467bfed
(cherry picked from commit 6017cdff264afc3b98beeba1330d6df28102fe7a)

origin: https://github.com/LibreOffice/core/commit/5b6c866d522e7eef636a5fa4048c39c1ea60e466.patch

Gbp-Pq: Name 0096-CVE-2020-12801-tdf-93389-keep-encryption-information.patch

CVE-2020-12801 tdf#118639: store ODF encryption data for autorecovery

When saving autorecovery information, ODF is used. If the original
document is password-protected, its autorecovery is also generated
password-protected (since ef87ff6680f79362a431db6e7ef2f40cfc576219).
But when the stored encryption data for non-ODF document does not
contain "PackageSHA256UTF8EncryptionKey" value, following
ZipPackage::GetEncryptionKey fails, so the whole save fails.

So just generate and append ODF encryption keys where we still have
user password.

Reviewed-on: https://gerrit.libreoffice.org/84052
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
(cherry picked from commit 63634738dd03cc74806ce6843c16ff5e51a371a0)
Reviewed-on: https://gerrit.libreoffice.org/84133
Reviewed-by: Xisco Faulí <xiscofauli@libreoffice.org>
(cherry picked from commit e569dc9824e95617d921bb8f115d243aea0125b9)
Reviewed-on: https://gerrit.libreoffice.org/84232
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
(cherry picked from commit d1450f5bddd0f108078e0dfb11c9f130175fafe7)

Conflicts:
comphelper/source/misc/docpasswordhelper.cxx

Change-Id: I776e28de784489521e4941d1075690f90c056014

origin: https://github.com/LibreOffice/core/commit/b838986c6edfb4e5fb1e30bf47d8ad54ae2b4098.patch

Gbp-Pq: Name 0095-CVE-2020-12801-tdf-118639-store-ODF-encryption-data-.patch

CVE-2020-12802 use the LinkManager persist to determine the Referer

LibreOffice has a ‘stealth mode’ in which only documents from locations deemed ‘trusted’
are allowed to retrieve remote resources. This mode is not the default mode,
but can be enabled by users who want to disable LibreOffice’s ability to include remote resources within a document.

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94061
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 3ee652e1c18186a5de47797aa4b02defcb29c210)

Conflicts:
svx/source/svdraw/svdograf.cxx

Change-Id: I4e93878972492a93af368ffa0560412132431a24

origin: https://github.com/LibreOffice/core/commit/665258448af655f4b9da434ec29d380597b901e6.patch
bug-freexian-security: https://deb.freexian.com/extended-lts/tracker/CVE-2020-12802
bug: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802

Gbp-Pq: Name 0094-CVE-2020-12802-use-the-LinkManager-persist-to-determ.patch

[6/6] CVE-2023-6186 reuse AllowedLinkProtocolFromDocument in impress/draw

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159843
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
(cherry picked from commit f0942eed2eb328b04856f20613f5226d66b66a20)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159759
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Signed-off-by: Xisco Fauli <xiscofauli@libreoffice.org>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159884
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 569fa7f755718a06f23d25b2132bf0400cec7a0f)
(cherry picked from commit b60bd2dddc4b9d6d60615d61051a9f9ee5410851)
(cherry picked from commit 8b244a0ce8a9170a1fd61e19a0c943230a741fbe)
(cherry picked from commit 87535988868baac08173fc826dbb6c6cbdf91dd4)
(cherry picked from commit fd809982a280218046ab7e6e6d24492420143e6c)
(cherry picked from commit 56dd18f55d14939a1d5697e8580efd580bae0da7)
(cherry picked from commit 5aa0ae5fffe3a6f98e2ae4a677a20a8f95d3eed3)
(cherry picked from commit d0263e4735d37e52184e6e46c3c1405de9400e08)
(cherry picked from commit 13a3d545f3095ff34a6765b0597e44afdb19de11)

Change-Id: I73ca4f087946a45dbf92d69a0dc1e769de9b5690
origin: https://github.com/LibreOffice/core/commit/f67bb3e4edc067e3b4c8ac93af29b56adb551c49

Gbp-Pq: Name 0093-6-6-CVE-2023-6186-reuse-AllowedLinkProtocolFromDocum.patch

[5/6] CVE-2023-6186 reuse AllowedLinkProtocolFromDocument in writer

reorg calc hyperlink check to reuse elsewhere

Change-Id: I20ae3c5df15502c3a0a366fb4a2924c06ffac3d0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159487
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
(cherry picked from commit e6a7537762e19fde446441edd10d301f9b37ce75)

reuse AllowedLinkProtocolFromDocument in writer

Change-Id: Iacf5e313fc6ca5f7d69ca6986a036f0e1ab1f2a0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159488
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
(cherry picked from commit 32535dfa82200b54296838b52285c054fbe5e51d)

combine these hyperlink dispatchers into one call

Change-Id: Icb7822e811013de648ccf2fbb23a5f0be9e29bb0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159489
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
(cherry picked from commit 0df175ccc6ea542bc5801f631ff72bed187042eb)

we can have just one LoadURL for writer

Change-Id: Ia0162ee1c275292fcf200bad4662e4c2c6b7b972
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159557
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
(cherry picked from commit 521ca9cf6acbae96cf95d9740859c9682212013d)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159858
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit e32b8601dbd63cf01497889601d6c9c1241106d6)

Drop change of sw/source/uibase/shells/drwtxtex.cxx. Context menu is not yet present see:
https://github.com/LibreOffice/core/commit/e959f4446cbba0e07c89c2be468e4ade29e7ef0c

origin: https://github.com/LibreOffice/core/commit/7bd23139442dcd3a9c4aaa4bcfd295c45f49579a.patch

Gbp-Pq: Name 0092-5-6-CVE-2023-6186-reuse-AllowedLinkProtocolFromDocum.patch

tdf#125041 fix hyperlinks to IDN websites

Revert "tdf#86087 Open relative links in Writer"

This reverts commit 4b9e237850efe36f7e35d65e14d6953f1e1f3a45.

The reverted commit caused a regression in the handling of
internationalized domain names: these non-ASCII URLs were converted
to file URIs.

Change-Id: Ia481aa1199d20083b72f9f8571992e40b3fc2e77
Reviewed-on: https://gerrit.libreoffice.org/76804
Reviewed-by: László Németh <nemeth@numbertext.org>
Tested-by: László Németh <nemeth@numbertext.org>
Gbp-Pq: Name 0091-tdf-125041-fix-hyperlinks-to-IDN-websites.patch

[4/6] CVE-2023-6186  default to ignoring libreoffice special-purpose protocols in calc hyperlink

Change-Id: Ib9f62be3acc05f24ca234dec0fec21e24579e9de
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158911
Tested-by: Jenkins
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
(cherry picked from commit b6062623b4d69c79e90e9365ac7c5e7f11986793)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159045
Reviewed-by: Eike Rathke <erack@redhat.com>
(cherry picked from commit 672716d09c54cb6fdd59baa7da4b8393cf104cd2)

origin: https://github.com/LibreOffice/core/commit/09833101c989ead8dc751a611a27489ed2f1bcf1.patch

Gbp-Pq: Name 0090-4-6-CVE-2023-6186-default-to-ignoring-libreoffice-sp.patch

PATCH] tdf#126393 Select cell even when clicking on a hyperlink

and the hyperlink isn't being opened anyway (no ctrl clicked e.g.)

Change-Id: Ic0c0df9b91000a8e661075901e8bfdb7167081f9
Reviewed-on: https://gerrit.libreoffice.org/75730
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Gbp-Pq: Name 0089-PATCH-tdf-126393-Select-cell-even-when-clicking-on-a.patch

lok: sc: ctrl-clicking links doesn't work

I think there is no reason for not execuring the code below

if ((bDouble || bIsTiledRendering) && .... ) { ... }

for both desktop and online.

So since the code for open the clicked URL is below such if
clause, I changed the code so that we return only when it's really a
double click event.

Moreover I reverted back the code for executing the list validation
pop-up to its original place, since there is no more the need to have
it executed in two places.

Change-Id: Idbec2e6e45cd7ee8282005169e1132a11d4cac33
Reviewed-on: https://gerrit.libreoffice.org/54151
Tested-by: Jenkins
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Gbp-Pq: Name 0088-lok-sc-ctrl-clicking-links-doesn-t-work.patch

ScGlobal::OpenURL: support relative references as URI references in hyperlinks

Instead of failing with "is not an absolute URL" error.

For example in the HYPERLINK() spreadsheet function where Excel
supports it, but also anywhere else that calls OpenURL(). A
relative reference is relative to the current document, or for yet
unsaved documents or if no object shell is available relative to
the work path, as usual.

Additional benefit is that "\\" UNC path names are accepted as
smb:// Samba shares and DOS \ path name separators resolved for a
proper file:// URI.

Users are asking for this, found no related tdf# bug/RFE. See
https://ask.libreoffice.org/en/question/160280/relative-and-absolute-hyperlinks/
and other linked q&a therein.

Change-Id: Ib314b71d68fbe1793ec614cbf7c0c058fad14a10
Reviewed-on: https://gerrit.libreoffice.org/57277
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
Gbp-Pq: Name 0087-ScGlobal-OpenURL-support-relative-references-as-URI-.patch

ScGlobal::OpenURL: rearrange item init

Preparing for additional URL handling.

Change-Id: I7897a2c0771b42c02911d8a979c0064410ebd792

Gbp-Pq: Name 0086-ScGlobal-OpenURL-rearrange-item-init.patch

ScGlobal::OpenURL: obtain pViewFrm early and bail out if not available

Unnecessary to init a bunch of stuff if not.

Change-Id: Ica80185370ecc341bda5b1615ff6d765b579f45e

Gbp-Pq: Name 0085-ScGlobal-OpenURL-obtain-pViewFrm-early-and-bail-out-.patch

[3/6] CVE-2023-6186 warn about exotic protocols as well

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158902
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit aafe05584e601236e84a165f2816b187189cfb77)
(cherry picked from commit 799f0225d7171e6c04324ace1f31c7fe976662a4)
(cherry picked from commit ae06669597e5a485676ba4394822cba8bb88d394)
(cherry picked from commit a7138808fbb8eb263af436ee4227cbe9c829b676)
(cherry picked from commit 19316aacbb9f1774565a157d21e70c88c490cef6)
(cherry picked from commit 13c0bdee068ad4af1f4e03461580ec7bddeb0d63)
(cherry picked from commit f7f3aab1c9f49a4e56711c7fd3b32da793b00a43)

Change-Id: I50dcf4f36cd20d75f5ad3876353143268740a50f

Gbp-Pq: Name 0084-3-6-CVE-2023-6186-warn-about-exotic-protocols-as-wel.patch

[2/6] CVE-2023-6186 add some protocols that don't make sense as floating frame targets

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158910
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
(cherry picked from commit 11ebdfef16501c6d35c3e3d0d62507f706557c71)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158901
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 73e90d15c48a8f148e4e8f024cdf1b397efbcc53)
(cherry picked from commit b35aa37a5d1f32a419e7f311e415615808731acd)
(cherry picked from commit 421be99a6b101ac4ec91ad95b48c50fa17e47d36)
(cherry picked from commit fa390145228c9b9a044698fe4b7636c05210fda3)
(cherry picked from commit e549b65636b31971d8fb7fafc92e683bdef35cb6)
(cherry picked from commit eb42c9ad6473fb84fb5c02e522efe01e68e3ce43)
(cherry picked from commit adb38d113f86b9972b2a3aa9fa67620f854526fa)

Change-Id: Id900a5eef248731d1184c1df501a2cf7a2de7eb9

Gbp-Pq: Name 0083-2-6-CVE-2023-6186-add-some-protocols-that-don-t-make.patch

[1/6] CVE-2023-6186 Improve macro checks

This patch is a prerequirement for fixing CVE-2023-6186

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109552
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 1dc71daf7fa7204a98c75dac680af664ab9c8edb)

Change-Id: Ie40801df8866b52c1458e020ffa9cba120720af7
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110281
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Gbp-Pq: Name 0082-1-6-CVE-2023-6186-Improve-macro-checks.patch

CVE-2023-6185  escape url passed to gstreamer

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/158895
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 2ee1167da1952b133280db2ae26eed6bf0303bc2)
(cherry picked from commit a77d9c151f043f070512488d84f0b839f4ed4553)
(cherry picked from commit 2b896a0ba8818804b89735bd7c8991fa8eb3d7b5)
(cherry picked from commit 0f14350fe70907d4466bcef15bfe05865b37babd)
(cherry picked from commit 9b7df77e3491add0919d8de993df0f40d7c58a70)
(cherry picked from commit 714e464631533901314f3189ce293dca47bec20e)
(cherry picked from commit cc41f40d696cec7c3ecec147b899d45d09f4629c)
(cherry picked from commit b3299fe7ae71b0ed781284a49cb03e34af15fcc0)

Change-Id: I3c93ee34800cc8563370f75ef3ef6f8a9220e6ec

origin: https://github.com/LibreOffice/core/commit/ba2cefc4cb8f8ed3c89cd195bb8d2eb4417b1b61.patch
bug: https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185/
bug-freexian-security: https://deb.freexian.com/extended-lts/tracker/CVE-2023-6185

Gbp-Pq: Name 0081-CVE-2023-6185-escape-url-passed-to-gstreamer.patch

[3/3] CVE-2023-2255 assume IFrame script/macro support isn't needed

seems undocumented at least

Change-Id: I316e4f4f25ddb7cf6b7bac4d856a721b987207a3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151020
Tested-by: Jenkins
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/152152
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
bug: https://www.libreoffice.org/about-us/security/advisories/cve-2023-2255/
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2023-2255

Gbp-Pq: Name 0080-3-3-CVE-2023-2255-assume-IFrame-script-macro-support.patch

[2/3] CVE-2023-2255 put floating frames under managed links control

From 59beb215c3debbdbff0357092b7e7961d69a7298 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
Date: Thu, 13 Apr 2023 11:31:17 +0100
Subject: [PATCH 2/3] put floating frames under managed links control
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

like we do for sections and ole objects that link to their content

individual commits in trunk are:

extract a OCommonEmbeddedObject::SetInplaceActiveState for reuse

no behaviour change intended

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150341
Tested-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 183e34a3f8c429c0698951e24c17844e416a3825)

use parent window as dialog parent

it makes no odds, but is more convenient for upcoming modification

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150342
Tested-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit f93edf343658abd489bde3639d2ffaefd50c0f99)

adjust IFrameObject so it could reuse mxFrame for a reload of content

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150343
Tested-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 3a727d26fd9eb6fa140bc3f5cadf3db079d42206)

query getUserAllowsLinkUpdate for the case of content in a floating frame

similarly to how it works for the more common "normal" embedded objects

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149971
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 52aa46468531918eabfa2031dedf50377ae72cf7)

add a route to get writer Floating Frame links under 'manage links'

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150349
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 8b8a2844addbd262befb1a2d193dfb590dfa20be)

allow SvxOle2Shape::resetModifiedState to survive having no SdrObject

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150538
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 02379929bd0e1d1676635f0ca1920422702ebb7c)

create the FloatingFrameShape in a separate step to inserting it

this is derived from the path taken by the AddShape(const OUString&)
function for this case. No change in behavior is intended.

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150526
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit bafec47847a0b9697b3bbe9358e53f8118af3024)

add a route to get calc Floating Frame links under 'manage links'

much harder than writer because the organization and ordering
of properties and object activation etc is different.

This ended up ugly, but functions.

We set FrameURL before AddShape, we have to do it again later because it
gets cleared when the SdrOle2Obj is attached to the XShape.  But we want
FrameURL to exist when AddShape triggers SetPersistName which itself
triggers SdrOle2Obj::CheckFileLink_Impl and at that point we want to
know what URL will end up being used. So bodge this by setting FrameURL
to the temp pre-SdrOle2Obj attached properties and we can smuggle it
eventually into SdrOle2Obj::SetPersistName at the right point after
PersistName is set but before SdrOle2Obj::CheckFileLink_Impl is called
in order to inform the link manager that this is an IFrame that links to
a URL

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150539
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 07179a5a5bd00f34acfa8a3f260dd834ae003c63)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150755
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
bc5333b137d2da089b3b701ff615c6ddf43063d0
7eec3132a23faafd9a2878215a0a117a67bc9bf2
83e38dfa2f84907c2de9680e91f779d34864a9ad
f90ff71d6a96342574799312f764badaf97980eb
ea059262c124e3f44249e49b4189732310d28156
d09ae0c65a55a37743ad7c184070fb8dd97d8a7f
67fc199fef9e67fa12ca7873f0fe12137aa16d8f

Change-Id: Ia1d12aa5c9afdc1347f6d4364bc6a0b7f41ee168
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/152132
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
bug: https://www.libreoffice.org/about-us/security/advisories/cve-2023-2255/
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2023-2255

Gbp-Pq: Name 0079-2-3-CVE-2023-2255-put-floating-frames-under-managed-.patch

Refresh linked OLE representation when OLE updated

Change-Id: If949778779f1a91901412938d0b0298e1d7cfc3e
Reviewed-on: https://gerrit.libreoffice.org/57357
Tested-by: Jenkins
Reviewed-by: Armin Le Grand <Armin.Le.Grand@cib.de>
Gbp-Pq: Name 0078-Refresh-linked-OLE-representation-when-OLE-updated.patch

[1/3] CVE-2023-2255 set Referer on loading IFrames

so tools, options, security, options,
"block any links from document not..."
applies to their contents.

Change-Id: I04839aea6b07a4a76ac147a85045939ccd9c3c79
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150221
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/150751
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit acff9ca0579333b45d10ae5f8cd48172f563dddd)
(cherry picked from commit 04c8176fb40d2eb983aa0bd0a6ce65804d3f6ecd)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/152096
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
bug: https://www.libreoffice.org/about-us/security/advisories/cve-2023-2255/
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2023-2255

Gbp-Pq: Name 0077-1-3-CVE-2023-2255-set-Referer-on-loading-IFrames.patch

Subject: CVE-2023-0950 Obtain actual 0-parameter count for OR(), AND() and      1-parameter functions From: Eike Rathke <erack@redhat.com> Date: Thu, 16 Feb 2023 20:20:31 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit

OR and AND for legacy infix notation are classified as binary
operators but in fact are functions with parameter count. In case
no argument is supplied, GetByte() returns 0 and for that case the
implicit binary operator 2 parameters were wrongly assumed.
Similar for functions expecting 1 parameter, without argument 1
was assumed. For "real" unary and binary operators the compiler
already checks parameters. Omit OR and AND and 1-parameter
functions from this implicit assumption and return the actual 0
count.

Change-Id: Ie05398c112a98021ac2875cf7b6de994aee9d882
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147173
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
(cherry picked from commit e7ce9bddadb2db222eaa5f594ef1de2e36d57e5c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147129
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit d6599a2af131994487d2d9223a4fd32a8c3ddc49)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147390
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
bug: https://www.libreoffice.org/about-us/security/advisories/cve-2023-0950/
bug-debian-security: https://deb.freexian.com/extended-lts/tracker/CVE-2023-0950

Gbp-Pq: Name 0076-Subject-CVE-2023-0950-Obtain-actual-0-parameter-coun.patch

From 5e8f64e50f97d39e83a3358697be14db03566878 Mon Sep 17 00:00:00 2001 From: Stephan Bergmann <sbergman@redhat.com> Date: Mon, 21 Feb 2022 11:55:21 +0100 Subject: CVE-2022-38745 Avoid unnecessary empty -Djava.class.path=

Libreoffice may be configured to add an empty entry to the Java class path.
This may lead to run arbitrary Java code from the current directory.

Debian-backport: use char szSep[] = {SAL_PATHSEPARATOR,0}; for building Ostring
path separator.

Change-Id: Idcfe7321077b60381c0273910b1faeb444ef1fd8
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130242
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
bug: https://www.libreoffice.org/about-us/security/advisories/CVE-2022-38745
debian-bug-security: https://security-tracker.debian.org/tracker/CVE-2022-38745

Gbp-Pq: Name 0075-From-5e8f64e50f97d39e83a3358697be14db03566878-Mon-Se.patch

CVE-2022-3140: check impress/calc IFrame "FrameURL" target

similar to

commit c7450d0b9d02c64ae3da467d329040787039767e
Date:   Tue Aug 30 17:01:08 2022 +0100

    check IFrame "FrameURL" target

Conflicts:
xmloff/source/draw/ximpshap.cxx

Change-Id: Ibf28c29acb4476830431d02772f3ecd4b23a6a27
origin: https://github.com/LibreOffice/core/commit/50c9ae7573f5d63a7cdbcd2caea0d789e97c3a3f.patch

Gbp-Pq: Name 0074-CVE-2022-3140-check-impress-calc-IFrame-FrameURL-tar.patch

CVE-2022-3140: Filter out unwanted command URIs

Change-Id: I0b7e5329af8cc053d14d5c60ec14fe7f364ef993
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139225
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Conflicts:
desktop/source/app/cmdlineargs.cxx

origin: https://github.com/LibreOffice/core/commit/6f60a85d71f1e160bf48ca4d23cd9c99677961a2.patch
bug-debian-security: https://deb.freexian.com/extended-lts/tracker/CVE-2022-3140
bug: https://deb.freexian.com/extended-lts/tracker/CVE-2022-3140

Gbp-Pq: Name 0073-CVE-2022-3140-Filter-out-unwanted-command-URIs.patch

CVE-2022-3140: check IFrame "FrameURL" target

similiar to

commit b3edf85e0fe6ca03dc26e1bf531be82193bc9627
Date:   Wed Aug 7 17:37:11 2019 +0100

    warn on load when a document binds an event to a macro

Change-Id: Iea888b1c083d2dc69ec322309ac9ae8c5e5eb315
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139059
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Conflicts:
sfx2/source/doc/iframe.cxx
sw/source/filter/html/htmlplug.cxx
sw/source/filter/xml/xmltexti.cxx
bug-debian-security: https://deb.freexian.com/extended-lts/tracker/CVE-2022-3140
bug: https://deb.freexian.com/extended-lts/tracker/CVE-2022-3140

Gbp-Pq: Name 0072-CVE-2022-3140-check-IFrame-FrameURL-target.patch

CVE-2022-3140: warn on load when a document binds an event to a macro

a) treat shared/Scripts equivalently to document scripts

This doesn't automatically warn/block running those scripts when used in a
freshly loaded document on its own however

because DocumentMacroMode::checkMacrosOnLoading will see at...

if ( m_xData->m_rDocumentAccess.documentStorageHasMacros() || hasMacroLibrary() )

that the document contains no macros and flip the allow macros flag to true so
that potentially new uses of macros added by the user during the edit are
allowed to run

b) so, add an additional flag to indicate existence of use of macros in a document

c) for odf import, set it when a script:event-listener tag is encountered
d) for html import when registerScriptEvents or SwFormatINetFormat::SetMacroTable is called
e) for doc import when Read_F_Macro or StoreMacroCmds is called as well for good measure
f) for xls import when registerScriptEvent or ScMacroInfo::SetMacro is called
g) for oox import when VbaProject::attachMacros is called

Reviewed-on: https://gerrit.libreoffice.org/77387
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit 35fe064a67b54b0680b4845477c9b8751edda160)

Change-Id: Ic1203d8ec7dfc217aa217135033ae9db2888e19b
Reviewed-on: https://gerrit.libreoffice.org/83348
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
origin: https://github.com/LibreOffice/core/commit/96b7887cbfd24bb29e08667b027a86f79c246ce2
bug-debian-security: https://deb.freexian.com/extended-lts/tracker/CVE-2022-3140
bug: https://deb.freexian.com/extended-lts/tracker/CVE-2022-3140

Gbp-Pq: Name 0071-CVE-2022-3140-warn-on-load-when-a-document-binds-an-.patch

CVE-2022-26307: add Initialization Vectors to password storage

LibreOffice supports the storage of passwords for web connections in
the user’s configuration database. The stored passwords are encrypted
with a single master key provided by the user. A flaw in LibreOffice
existed where master key was poorly encoded resulting in weakening its
entropy from 128 to 43 bits making the stored passwords vulerable to a
brute force attack if an attacker has access to the users stored
config.

old ones default to the current all zero case and continue to work
as before

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131974
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 192fa1e3bfc6269f2ebb91716471485a56074aea)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132306
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit ab77587ec300f5c30084471000663c46ddf25dad)

(cherry picked from commit 713296ecd30bab02d41fcd23f19afed28d916701)

Change-Id: I6fe3b02fafcce1b5e7133e77e76a5118177d77af
origin: https://github.com/LibreOffice/core/commit/55d3095f14e98e5d2aadddf392911ca2d2b6dca9.patch
bug: https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2022-26307

Gbp-Pq: Name 0070-CVE-2022-26307-add-Initialization-Vectors-to-passwor.patch

Simplify Sequence iterations in svl [only passwordcontainer.cxx]

Needed for fixing CVE-2022-26307

Use range-based loops, STL and comphelper functions

Reviewed-on: https://gerrit.libreoffice.org/75563
Tested-by: Jenkins
Reviewed-by: Arkadiy Illarionov <qarkai@gmail.com>
(cherry picked from commit c9cce0d931b41ede0eca14b2ed2b84453f048362)

Change-Id: I1c3dbf194600bec60c0881d2d19ff07b89d8333b
origin: https://github.com/LibreOffice/core/commit/bfec3cf63ef43cc86e9a2fd90600d91b5fefe0c3.patch

Gbp-Pq: Name 0069-Simplify-Sequence-iterations-in-svl-only-passwordcon.patch

CVE-2022-26306, CVE-2022-26307: add infobar to prompt to refresh to replace old format

This patch ask an user to replace old format thus partially closing CVE-2022-26306, CVE-2022-26307

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131976
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit bbd196ff82bda9f66b4ba32a412f10cefe6da60e)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132307
Reviewed-by: Sophie Gautier <sophi@libreoffice.org>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit c5d01b11db3c83cb4a89d3b388d78e20dd3990b5)

(cherry picked from commit df05d27336927373bf83664a90156fbe505fc546)

Change-Id: Id99cbf2b50a4ebf289dae6fc67e22e20afcda35b
origin: https://github.com/LibreOffice/core/commit/cedd8063fed50cfd75fa3c69c4c87e2ae79b944d.patch

Gbp-Pq: Name 0068-CVE-2022-26306-CVE-2022-26307-add-infobar-to-prompt-.patch

CVE-2022-26307: make hash encoding match decoding

Seeing as old versions of the hash may be in the users config, add a
StorageVersion field to the office config Passwords section which
defaults to 0 to indicate the old hash is in use.

Try the old varient when StorageVersion is 0. When a new encoded master
password it set write StorageVersion of 1 to indicate a new hash is in
use and use the new style when StorageVersion is 1.

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132080
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit e890f54dbac57f3ab5acf4fbd31222095d3e8ab6)

svl: fix crash if user cancels/closes master password dialog

(regression from d7ba5614d90381d68f880ca7e7c5ef8bbb1b1c43)

Reviewed-on: https://gerrit.libreoffice.org/c/core/+/133932
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit bbb8617ece6d946957c2eb96287081029bce530f)

Change-Id: I3174c37a5891bfc849984e0ec5c2c392b9c6e7b1
(cherry picked from commit 7e35d53f51bb89ed3cea5f946214afb7d81e1b1e)
origin: https://github.com/LibreOffice/core/commit/c17ba8306704d6d428d673fb0079c4276f0bc256.patch
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2022-26307
bug: https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307
Signed-off-by: Bastien Roucariès <rouca@debian.org>
Gbp-Pq: Name 0067-CVE-2022-26307-make-hash-encoding-match-decoding.patch

Subject: CVE-2021-25636: only use X509Data

LibreOffice supports digital signatures of ODF documents and macros
within documents, presenting visual aids that no alteration of the
document occurred since the last signing and that the signature is
valid. An Improper Certificate Validation vulnerability in LibreOffice
allowed an attacker to create a digitally signed ODF document, by
manipulating the documentsignatures.xml or macrosignatures.xml stream
within the document to contain both "X509Data" and "KeyValue" children
of the "KeyInfo" tag, which when opened caused LibreOffice to verify
using the "KeyValue" but to report verification with the unrelated
"X509Data" value.

Change-Id: I52e6588f5fac04bb26d77c1f3af470db73e41f72
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127193
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit be446d81e07b5499152efeca6ca23034e51ea5ff)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127178
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
(cherry picked from commit b0404f80577de9ff69e58390c6f6ef949fdb0139)
Signed-off-by: Bastien Roucariès <rouca@debian.org>
bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2021-25636
bug-redhat: https://bugzilla.redhat.com/show_bug.cgi?id=2056955
origin: https://gitlab.com/redhat/centos-stream/rpms/libreoffice/-/raw/c8s/0001-CVE-2021-25636.patch
bug: https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636
Signed-off-by: Bastien Roucariès <rouca@debian.org>
Gbp-Pq: Name 0066-Subject-CVE-2021-25636-only-use-X509Data.patch

tdf#121384 don't leave a bare trailing : in PYTHONPATH

and don't insert any empty path entries if that situation
was to arise

Change-Id: I8d8183485f457c3e4385181fee07390c4bfef603
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96707
Reviewed-by: Tomáš Chvátal <tchvatal@suse.com>
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
Tested-by: Jenkins
(cherry picked from commit b72705d5391b849fc70a0a4cac33523c0ea5d054)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96803
Tested-by: Stephan Bergmann <sbergman@redhat.com>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Gbp-Pq: Name fix-PYTHONPATH.diff

opengl slide transitions not working with glm >= GLM 0.9.9.0

tracked it down to...

Removed default initialization, use GLM_FORCE_CTOR_INIT to restore the old behavior
so adding in GLM_FORCE_CTOR_INIT to get them working again

Change-Id: I1c6e7d8eb748fce40f0c518ff708708e5fb1e3d2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87789
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Gbp-Pq: Name glm-0.9.9-ctor.diff

tdf#128111: "adsrc" doesn't exist from Postgresql 12

Before Postgresql 8.0, there was only "adsrc"
then it's been deprecated
"The adsrc field is historical, and is best not used, because it does not track outside changes
 that might affect the representation of the default value.
 Reverse-compiling the adbin field (with pg_get_expr for example) is a better way to display the default value
"
and finally it's been removed with version 12

See evolution with:
- https://www.postgresql.org/docs/8/catalog-pg-attrdef.html
- https://www.postgresql.org/docs/11/catalog-pg-attrdef.html
- https://www.postgresql.org/docs/12/catalog-pg-attrdef.html

Merge with https://cgit.freedesktop.org/libreoffice/core/commit/?id=1ec93ef100bb5f6ccef91f12e28ed09feb3eb38b

Change-Id: I57e9da423a23b5a96bbb64b0e026b160e9643ab9
Reviewed-on: https://gerrit.libreoffice.org/80722
(cherry picked from commit 0c46c81e04530e8f6ce4f34195d8f0443ed8bfc3)
Reviewed-on: https://gerrit.libreoffice.org/80736
Tested-by: Jenkins
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
Gbp-Pq: Name Postgresql-12-no-adsrc.diff

Resolves: tdf#126928 allow link updates in an intermediate linked document

... if link updates are allowed in the current document and that
intermediate document resides in a trusted location.

This works with both, the "Always (from trusted locations)" and
the "On request" settings under Tools -> Options -> Calc ->
General. It can't work with documents residing in a non-trusted
location as there is no way to allow updates on demand for a such
loaded document (hidden via formulas).

Reviewed-on: https://gerrit.libreoffice.org/77588
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
(cherry picked from commit 54bf84746a2a9a2e2aaf0df9e429b0cfd538f640)

 Conflicts:
sc/source/ui/docshell/docsh4.cxx
sc/source/ui/docshell/externalrefmgr.cxx

Backported. Also includes

    commit 1663b1e8233db6c6d1c2b35639ad984961084009
    CommitDate: Tue Feb 26 21:15:57 2019 +0100

        tdf#120736: For Calc shared documents also check the original document URL

Change-Id: Ie483f7743db7c6d5cf947dc16a9c3660855f3423
Reviewed-on: https://gerrit.libreoffice.org/77613
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
Gbp-Pq: Name allow-link-updates-in-an-intermediate-linked-document.diff

Improve check

Change-Id: I8280a81eef2ced0ff0ace51ea9f094421abafe13
Reviewed-on: https://gerrit.libreoffice.org/78108
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 761e6dd25782420bf06e4a2ff3205a79b6cbb136)
Reviewed-on: https://gerrit.libreoffice.org/78129
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Gbp-Pq: Name Improve-check.diff

Improve check for absolute URI

Change-Id: I4dee44832107f72f8f3fb68554428dc1e646c346
Reviewed-on: https://gerrit.libreoffice.org/77706
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit c79efeb66f7951305d0334bc288aee1c571a8728)
Reviewed-on: https://gerrit.libreoffice.org/77724
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
Gbp-Pq: Name Improve-check-for-absolute-URI.diff

an absolute uri is invalid input

Change-Id: I392be4282be8ed67e3451b28d2c9f22acd4c87fc
Reviewed-on: https://gerrit.libreoffice.org/77564
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Tested-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 3c076e54f736980e208f5c27ecf179aa90aea103)
Reviewed-on: https://gerrit.libreoffice.org/77571
Tested-by: Jenkins
Gbp-Pq: Name an-absolute-uri-is-invalid-input.diff

construct final url from parsed output

Change-Id: Ifd733625a439685ad307603eb2b00bf463eb9ca9
Reviewed-on: https://gerrit.libreoffice.org/77373
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 87959e5deea6d33cd35dbb3b8423056f9566710e)
Reviewed-on: https://gerrit.libreoffice.org/77379

Gbp-Pq: Name construct-final-url-from-parsed-output.diff

expand pyuno path separators

Change-Id: Ic97649ed6d4be595b308922c7bdc880cbb60b239
Reviewed-on: https://gerrit.libreoffice.org/77102
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 75903a0298218f89a199a5ac151ee0166f4469d7)
Reviewed-on: https://gerrit.libreoffice.org/77116

Gbp-Pq: Name expand-pyuno-path-separators.diff

Properly obtain location

Change-Id: I9fb0d883a3623394343cd54ef61e5610544198c8
Reviewed-on: https://gerrit.libreoffice.org/77019
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit a9cde2557242a0c343d99533f3ee032599c66f42)
Reviewed-on: https://gerrit.libreoffice.org/77022
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Gbp-Pq: Name Properly-obtain-location.diff

keep name percent-encoded

Change-Id: I470c4b24192c3e3c9b556a9bbb3b084359e0033b
Reviewed-on: https://gerrit.libreoffice.org/77007
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Gbp-Pq: Name keep-name-percent-encoded.diff

decode url escape codes and check each path segment

Change-Id: Ie8f7cef912e8dacbc2a0bca73534a7a242a53ca1
Reviewed-on: https://gerrit.libreoffice.org/76395
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Jenkins
(cherry picked from commit 0344b7684753876a3148a47d1e131a1b13595f63)
Reviewed-on: https://gerrit.libreoffice.org/76538
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Gbp-Pq: Name decode-url-escape-codes-and-check-each-path-segment.diff

expand LibreLogo check to global events

Change-Id: I7f436983ba0eb4b76b02d08ee52626e54b103d5f
Reviewed-on: https://gerrit.libreoffice.org/76194
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 85cbe1f06703c0b8e1f15a3d969202d99c66f34b)
Reviewed-on: https://gerrit.libreoffice.org/76540
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Gbp-Pq: Name expand-LibreLogo-checks-to-global-events.diff

More uses of referer URL with SvxBrushItem

Reviewed-on: https://gerrit.libreoffice.org/73643
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit b518882de8213ef71a8003f95fbdf7689069c06d)
Conflicts:
sw/source/core/text/porfld.cxx
sw/source/core/unocore/unosett.cxx

Change-Id: I04b524784df4ef453d8b1feec13b62f183a17e23
Reviewed-on: https://gerrit.libreoffice.org/73860
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Gbp-Pq: Name More-uses-of-referer-URL-with-SvxBrushItem.diff

explictly-exclude-LibreLogo-from-XScript-usage

===================================================================

Gbp-Pq: Name explictly-exclude-LibreLogo-from-XScript-usage.diff

sanitize-LibreLogo-calls

===================================================================

Gbp-Pq: Name sanitize-LibreLogo-calls.diff

Introduce next Japanese gengou era 'Reiwa'

Prepare for "Japan's Y2K" Gengou calendar era switch after 2019-04-30

The emperor Akihito will abdicate on 2019-04-30. The next emperor
will be Naruhito, but so far neither the new era name (Heisei for
Akihito) nor its abbreviation or a Unicode character are
determined. At least introduce the new era with some dummy names
(Naruhito,Na,N).

Change-Id: I8c0af390ca0408ac259e47e7eaf2e49b5889c9ba
Reviewed-on: https://gerrit.libreoffice.org/58142
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
Introduce next Japanese gengou era 'Reiwa'

starting from 2019-05-01, which has been announced officially.

This fills the provisional slot acknowledged at
cacbb0faef77ae8462de9ff5c7307a6a2e28b2bb.

Change-Id: Ifb12e6afaad4c66d455f664b46ec946e80324e87
Reviewed-on: https://gerrit.libreoffice.org/70157
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
Reviewed-on: https://gerrit.libreoffice.org/70185

Gbp-Pq: Name jp-JP-Reiwa.diff

java.vendor-Debian

===================================================================

Gbp-Pq: Name java.vendor-Debian.diff

tdf#123077 gtk3_kde5: Set KFileWidget's custom widget only once

Since the event filter is only used to set the custom
widget in the KFileWidget, it can and needs to be removed
again once this has been done; which also avoids crashes.

(s. https://gerrit.libreoffice.org/#/c/67185/ for more
infos, where the same thing is done for kde5)

Change-Id: I5c719fb17510916b4730ed5c00bb638df2f183e3
Reviewed-on: https://gerrit.libreoffice.org/67184
Tested-by: Jenkins
Reviewed-by: Michael Weghorn <m.weghorn@posteo.de>
(cherry picked from commit 30cc54a4532a732a0cf6dfe9943521978ff7292f)
Reviewed-on: https://gerrit.libreoffice.org/67204
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Gbp-Pq: Name tdf123077.diff

apparmor-opencl

apparmor: Add opencl support

AppArmor in Debian Buster now has OpenCL abstractions.

Include OpenCL abstractions to fix OpenCL usage in Calc.

Gbp-Pq: Name apparmor-opencl.diff

Fix incorrect parameter type to std::min() on m68k

Last-Update: 2018-12-28

Gbp-Pq: Name m68k-fix-parameter-type.patch

[PATCH] Update orcus to 0.14.0.

And make all necessary adjustments for the new version of orcus.

Change-Id: I0dc207162a3ddfaad6da198a3d13b65f530757d5
Reviewed-on: https://gerrit.libreoffice.org/59884
Tested-by: Jenkins
Reviewed-by: Kohei Yoshida <libreoffice@kohei.us>
Gbp-Pq: Name orcus-0.14.diff

[PATCH] Update mdds to 1.4.1

loplugin:constantparam

Reviewed-on: https://gerrit.libreoffice.org/58875
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
(cherry picked from commit bb6f2b12e8f0bbc99a5ca93141d35fd40b043e55)

Update mdds to 1.4.1.

The largest change in 1.4.x relevant to the calc code is that the
multi_type_matrix::walk() methods now take a copy of the function
object rather than a reference, to allow for it to take an inline
lambda function.  Instead, it does return a instance of the input
function object, similar to how std::for_each() behaves.

In case the function object contains a large data member, try to
make it a moveable so that it will get moved rather than copied
when going through one of the walk() methods.

Reviewed-on: https://gerrit.libreoffice.org/59584
Tested-by: Jenkins
Reviewed-by: Kohei Yoshida <libreoffice@kohei.us>
(cherry picked from commit 51f73f35ea61dd81dd3194af50394b98ff1bf8e9)

mdds 1.4.1 is now a minimum requirement.

Reviewed-on: https://gerrit.libreoffice.org/59614
Tested-by: Jenkins
Reviewed-by: Kohei Yoshida <libreoffice@kohei.us>
(cherry picked from commit 4d1f735fcf064b18ef2848cc1f5a2a0616b0b33d)

fd08fc4a2ed75039e5292a35ff08726e0126c77f
647bcfbdd8e0417990ed93b25c1bca00f60df709

Change-Id: I676a8408e97cc8134009f764736cad68513c89ad

Gbp-Pq: Name mdds-1.4.1.diff

[PATCH] mariadb

Gbp-Pq: Name use-mariadb-java-instead-of-mysql-java.diff

disableClassPathURLCheck

===================================================================

Gbp-Pq: Name disableClassPathURLCheck.diff

apparmor-mesa

===================================================================

Gbp-Pq: Name apparmor-mesa.diff

Java 11 no longer synthesizes DocumentView$1.class

...so, for simplicity, just include whatever generated DocumentView$*.class by
wildcard

Change-Id: I779e2709c8ef2859d68233300302dd62dbe2455f
Reviewed-on: https://gerrit.libreoffice.org/62073
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Gbp-Pq: Name fix-tests-openjdk11.patch

[PATCH] apparmor: use dri-enumerate abstraction

Remove backported rule and use new dri-enumerate abstraction instead.
dri-enumerate is available in AppArmor 2.13, which recently migrated
into Debian Buster.

Change-Id: I64919edc1882f7bc1e65cfb94686464c5350f699

Gbp-Pq: Name apparmor-cleanups.diff

apparmor: update program.soffice.bin for KDE

Add rules to fix file dialog and other issues with 6.2 alpha1 on Debian
Buster with KDE desktop.

Change-Id: Ib1b20c5809ac9bdea1bf2623eff4345fa42fd4f3
Reviewed-on: https://gerrit.libreoffice.org/58702
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de>
Reviewed-by: Katarina Behrens <Katarina.Behrens@cib.de>
Gbp-Pq: Name apparmor-kde.diff

apparmor-allow-java.security

===================================================================

Gbp-Pq: Name apparmor-allow-java.security.diff

[PATCH] test apparmor profile parsing (see tdf#114915)

idea taken from
https://salsa.debian.org/apparmor-team/apparmor-profiles-extra/commit/7fbcc4788d0e94764eeeff2f080796601241f986#546c1096cd506dbb01a47ed87a636a8e94d83b8c

Change-Id: I7e5bda9224d69530af4d30422c2fd3d60c9929d6

Gbp-Pq: Name test-apparmor-profiles.diff

[PATCH] micro-optimization: do not check for ant if we don't need it

Change-Id: I84644cddd8a318a2af23780ada9afc26fe23a9fe

Gbp-Pq: Name no-ant-check-if-unneeded.diff

do-not-hide-test-output

===================================================================

Gbp-Pq: Name do-not-hide-test-output.diff

disable-java-in-odk-build-examples-on-zero-vm

===================================================================

Gbp-Pq: Name disable-java-in-odk-build-examples-on-zero-vm.diff

appstream-ignore-startcenter

===================================================================

Gbp-Pq: Name appstream-ignore-startcenter.diff

Hide startcenter and math from the shell

Bug-Ubuntu: https://launchpad.net/bugs/1696250
Forwarded: not-needed

Gbp-Pq: Name hide-math-desktop-file.patch

apparmor-complain

===================================================================

Gbp-Pq: Name apparmor-complain.diff

disable-unused-test-programs

===================================================================

Gbp-Pq: Name disable-unused-test-programs.diff

cppunit-optional

===================================================================

Gbp-Pq: Name cppunit-optional.diff

disable-some-sc-tests-with-internal-cppunit

# fails with internal cppunit:

# fails with internal cppunit:
#
# [build LNK] CppunitTest/libtest_sc_subsequent_filters_test.so
# S=/data/rene/git/LibreOffice/master && I=$S/instdir && W=$S/workdir &&  /usr/bin/ccache x86_64-linux-gnu-g++ -shared -Wl,-z,noexecstack   -Wl,-z,origin '-Wl,-rpath,$ORIGIN/../Library' -Wl,-rpath-link,$I/program -Wl,-z,defs -Wl,-rpath-link,/lib:/usr/lib -Wl,-z,combreloc  -Wl,--hash-style=gnu  -Wl,--dynamic-list-cpp-new -Wl,--dynamic-list-cpp-typeinfo -Wl,-Bsymbolic-functions  -L$W/LinkTarget/StaticLibrary -L$I/sdk/lib  -L$I/program  -L$I/program  -L$W/LinkTarget/Library -Wl,-z,relro   -L/usr/lib/x86_64-linux-gnu  -L/usr/lib/x86_64-linux-gnu  -L/usr/lib/x86_64-linux-gnu   $W/CxxObject/sc/qa/unit/subsequent_filters-test.o      -Wl,--start-group    -L$W/UnpackedTarball/cppunit/src/cppunit/.libs -lcppunit  -lxml2 -lorcus-0.12 -lorcus-parser-0.12 -lboost_filesystem  -lboost_iostreams -lz -Wl,--end-group -Wl,--no-as-needed -lmergedlo -luno_cppu -luno_cppuhelpergcc3 -lforlo -lforuilo -li18nlangtag -looxlo -luno_sal -luno_salhelpergcc3 -lsclo -lscqahelper -lsubsequenttest -ltest -lunotest -lvbahelperlo  -o $W/LinkTarget/CppunitTest/libtest_sc_subsequent_filters_test.so
# /data/rene/git/LibreOffice/master/workdir/CxxObject/sc/qa/unit/subsequent_filters-test.o:(.data.rel.ro._ZTIN7CppUnit17AdditionalMessageE[_ZTIN7CppUnit17AdditionalMessageE]+0x10): undefined reference to `typeinfo for CppUnit::Message'
# collect2: error: ld returned 1 exit status
# /data/rene/git/LibreOffice/master/solenv/gbuild/LinkTarget.mk:598: recipe for target '/data/rene/git/LibreOffice/master/workdir/LinkTarget/CppunitTest/libtest_sc_subsequent_filters_test.so' failed
# make[4]: *** [/data/rene/git/LibreOffice/master/workdir/LinkTarget/CppunitTest/libtest_sc_subsequent_filters_test.so] Error 1
#
# interestingly, this works with system-cppunit...

Gbp-Pq: Name disable-some-sc-tests-with-internal-cppunit.diff

no-openssl

don't add -lssl etc if not needed (because we use system-postgresql)

Gbp-Pq: Name no-openssl.diff

allow-opensymbol-rebuild

===================================================================

Gbp-Pq: Name allow-opensymbol-rebuild.diff

system-officeotron-and-odfvalidator

===================================================================

Gbp-Pq: Name system-officeotron-and-odfvalidator.diff

[PATCH] Revert "always support packagekit if dbus is enabled"

This reverts commit f2984e95740cfbb9c74574f2a1225af3411d4901.

Gbp-Pq: Name no-packagekit-per-default.diff

hppa-is-32bit

===================================================================

Gbp-Pq: Name hppa-is-32bit.diff

javadoc-optional

Gemeinsame Unterverzeichnisse: odk-old/config und odk/config.
Gemeinsame Unterverzeichnisse: odk-old/docs und odk/docs.
Gemeinsame Unterverzeichnisse: odk-old/examples und odk/examples.

Gemeinsame Unterverzeichnisse: odk-old/config und odk/config.
Gemeinsame Unterverzeichnisse: odk-old/docs und odk/docs.
Gemeinsame Unterverzeichnisse: odk-old/examples und odk/examples.

Gbp-Pq: Name javadoc-optional.diff

fix-internal-hsqldb-build

===================================================================

Gbp-Pq: Name fix-internal-hsqldb-build.diff

disable-flaky-tests

14:13 < mst__> _rene_, the toolkit unoapi tests are known to be flaky (in some
               system dependent way) e.g. on the Win@6 tinderbox it always
               crashes
14:14 < mst__> _rene_, sc.ScAccessible* tests also fail on some systems some of
               the time

Gbp-Pq: Name disable-flaky-tests.diff

debian-hardened-buildflags-no-LO-fstack-protector-strong

don't hardcode -fstack-protector-strong in configure.ac/gbuild. We get the
hardening flags from dpkg-buildflags anyway.

Gbp-Pq: Name debian-hardened-buildflags-no-LO-fstack-protector-strong.diff

debian-hardened-buildflags-CPPFLAGS

===================================================================

Gbp-Pq: Name debian-hardened-buildflags-CPPFLAGS.diff

mediwiki-oor-replace

===================================================================

Gbp-Pq: Name mediwiki-oor-replace.diff

make-package-modules-not-suck

===================================================================

Gbp-Pq: Name make-package-modules-not-suck.diff

mysqlcppconn-libmysqlclient-SONAME

===================================================================

Gbp-Pq: Name mysqlcppconn-libmysqlclient-SONAME.diff

jdbc-driver-classpaths

Gbp-Pq: Name jdbc-driver-classpaths.diff

reportdesign-mention-package

===================================================================

Gbp-Pq: Name reportdesign-mention-package.diff

sensible-lomua

===================================================================

Gbp-Pq: Name sensible-lomua.diff

help-msg-add-package-info

===================================================================

Gbp-Pq: Name help-msg-add-package-info.diff

mention-java-common-package

===================================================================

Gbp-Pq: Name mention-java-common-package.diff

install-fixes

===================================================================

Gbp-Pq: Name install-fixes.diff

build-against-shared-lpsolve

===================================================================

Gbp-Pq: Name build-against-shared-lpsolve.diff

debian-debug

===================================================================

Gbp-Pq: Name debian-debug.diff

split-evoab

===================================================================

Gbp-Pq: Name split-evoab.diff

jurt-soffice-location

commit b71107fb12e3c3125e0cb62c5a4f6636a80c6408
Author:     Bjoern Michaelsen <bjoern.michaelsen@canonical.com>
AuthorDate: Tue Jun 7 11:52:37 2011 +0200
Commit:     Bjoern Michaelsen <bjoern.michaelsen@canonical.com>
CommitDate: Tue Jun 7 11:52:37 2011 +0200

    on debian-based systems, we know where our soffice binary is

Gbp-Pq: Name jurt-soffice-location.diff

debian-opt

===================================================================

Gbp-Pq: Name debian-opt.diff

no-check-if-root

===================================================================

Gbp-Pq: Name no-check-if-root.diff

libreoffice (1:6.1.5-3+deb10u11) buster-security; urgency=high

  * Team upload by LTS security team.
  * Fix CVE-2023-6185: An Improper Input Validation vulnerability
    was found in GStreamer integration of The Document
    Foundation LibreOffice allows an attacker to execute arbitrary
    GStreamer plugins. In affected versions the filename of the
    embedded video is not sufficiently escaped when passed to
    GStreamer enabling an attacker to run arbitrary
    gstreamer plugins depending on what plugins are installed
    on the target system.
  * Fix CVE-2023-6186: LibreOffice supports hyperlinks.
    In addition to the typical common protocols such as
    http/https hyperlinks can also have target URLs that
    can launch built-in macros or dispatch built-in
    internal commands. In affected version of LibreOffice
    there are scenarios where these can be executed without warning
    if the user activates such hyperlinks. In later versions
    the users's explicit macro execution permissions
    for the document are now consulted if these non-typical
    hyperlinks can be executed. The possibility to use these
    variants of hyperlink targets for floating frames has been removed.
  * Fix CVE-2020-12802: LibreOffice has a 'stealth mode' in which only
    documents from locations deemed 'trusted' are allowed to
    retrieve remote resources. This mode is not the default mode,
    but can be enabled by users who want to disable LibreOffice's ability
    to include remote resources within a document. A flaw existed
    where remote graphic links loaded from docx documents were omitted
    from this protection.
  * Fix CVE-2020-12801: If LibreOffice has an encrypted document
    open and crashes, that document is auto-saved encrypted.
    On restart, LibreOffice offers to restore the document
    and prompts for the password to decrypt it. If the recovery
    is successful, and if the file format of the recovered document
    was not LibreOffice's default ODF file format, then affected versions
    of LibreOffice default that subsequent saves of the document
    are unencrypted. This may lead to a user accidentally saving
    a MSOffice file format document unencrypted while believing
    it to be encrypted.
  * Fix CVE-2020-12803: ODF documents can contain forms to be
    filled out by the user. Similar to HTML forms, the contained
    form data can be submitted to a URI, for example, to an external
    web server. To create submittable forms, ODF implements the
    XForms W3C standard, which allows data to be submitted without
    the need for macros or other active scripting. LibreOffice allowed
    forms to be submitted to any URI, including file: URIs, enabling
    form submissions to overwrite local files. User-interaction
    is required to submit the form, but to avoid the possibility
    of malicious documents engineered to maximize the possibility of
    inadvertent user submission this feature has now been limited to
    http[s] URIs, removing the possibility to overwrite local files.

[dgit import unpatched libreoffice 1:6.1.5-3+deb10u11]