UbuntuUpdates.org

Package "libreoffice"

Name: libreoffice

Description:

office productivity suite (metapackage)

Latest version: 1:6.0.7-0ubuntu0.18.04.13
Release: bionic (18.04)
Level: security
Repository: universe
Homepage: http://www.libreoffice.org

Links


Download "libreoffice"


Other versions of "libreoffice" in Bionic

Repository Area Version
base main 1:6.0.3-0ubuntu1
base universe 1:6.0.3-0ubuntu1
security main 6.0.7-0ubuntu0.18.04.13
updates universe 1:6.0.7-0ubuntu0.18.04.13
updates main 6.0.7-0ubuntu0.18.04.13
backports universe 1:7.4.7-0ubuntu0.22.10.1~bpo18.04.1
backports main 1:7.4.7-0ubuntu0.22.10.1~bpo18.04.1
PPA: LibreOffice 4:7.6.5-0ubuntu0.18.04.1~lo3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:6.0.7-0ubuntu0.18.04.13 2023-04-17 13:06:53 UTC

  libreoffice (1:6.0.7-0ubuntu0.18.04.13) bionic-security; urgency=medium

  [ Rico Tzschichholz ]
  * SECURITY UPDATE: Empty entry in Java class path risks arbitrary
    code execution
    - debian/patches/CVE-2022-38745.patch: Avoid unnecessary empty
      -Djava.class.path=.
    - CVE-2022-38745

  [ Rene Engelhard ]
  * debian/patches/hrk-euro.diff: add EUR to .hr i18n;
    add HRK<->EUR conversion rate to Calc and the Euro Wizard
  * debian/patches/hrk-euro-default.diff: default to EUR for .hr

 -- Rico Tzschichholz <email address hidden> Sun, 26 Mar 2023 20:00:54 +0200

Source diff to previous version
CVE-2022-38745 Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code fro

Version: 1:6.0.7-0ubuntu0.18.04.12 2022-10-20 15:06:21 UTC

  libreoffice (1:6.0.7-0ubuntu0.18.04.12) bionic-security; urgency=medium

  * SECURITY UPDATE: document encryption stripped via recovery
    - debian/patches/CVE-2020-12801-1.patch: store ODF encryption data for
      autorecovery in comphelper/source/misc/docpasswordhelper.cxx,
      sfx2/source/dialog/filedlghelper.cxx.
    - debian/patches/CVE-2020-12801-2.patch: keep encryption information
      for autorecovered MS formats in
      comphelper/source/misc/docpasswordhelper.cxx,
      package/source/xstor/owriteablestream.cxx,
      package/source/xstor/owriteablestream.hxx,
      package/source/xstor/xstorage.cxx, sfx2/source/appl/appopen.cxx.
    - debian/patches/CVE-2020-12801-3.patch: use TypeDetection on load in
      framework/source/services/autorecovery.cxx.
    - CVE-2020-12801
  * SECURITY UPDATE: file overwrite via forms
    - debian/patches/CVE-2020-12803.patch: limit forms to http[s] in
      forms/source/xforms/submission.cxx,
      forms/source/xforms/submission/submission.hxx.
    - CVE-2020-12803
  * SECURITY UPDATE: Improper Certificate Validation vulnerability
    - debian/patches/CVE-2022-26305.patch: compare authors using Thumbprint
      in xmlsecurity/source/component/documentdigitalsignatures.cxx.
    - CVE-2022-26305
  * SECURITY UPDATE: stored passwords IV always the same
    - debian/patches/CVE-2022-26306-pre1.patch: properly handle failure
      decoding master password in
      svl/source/passwordcontainer/passwordcontainer.cxx,
      svl/source/passwordcontainer/passwordcontainer.hxx.
    - debian/patches/CVE-2022-26306-1.patch: simplify Sequence iterations
      in svl in svl/source/passwordcontainer/passwordcontainer.cxx.
    - debian/patches/CVE-2022-26306-2.patch: add Initialization Vectors to
      password storage in
      officecfg/registry/schema/org/openoffice/Office/Common.xcs,
      svl/source/passwordcontainer/passwordcontainer.cxx,
      svl/source/passwordcontainer/passwordcontainer.hxx.
    - CVE-2022-26306
  * SECURITY UPDATE: password storage master key weak entropy
    - debian/patches/CVE-2022-26307-1.patch: make hash encoding match
      decoding in
      officecfg/registry/schema/org/openoffice/Office/Common.xcs,
      svl/source/passwordcontainer/passwordcontainer.cxx,
      svl/source/passwordcontainer/passwordcontainer.hxx,
      uui/source/iahndl-authentication.cxx.
    - debian/patches/CVE-2022-26307-2.patch: add infobar to prompt to
      refresh to replace old format in include/sfx2/strings.hrc,
      include/sfx2/viewfrm.hxx, sfx2/source/view/viewfrm.cxx.
    - CVE-2022-26307
  * SECURITY UPDATE: arbitrary script execution via Office URI Schemes
    - debian/patches/CVE-2022-3140-pre1.patch: warn on load when a document
      binds an event to a macro in comphelper/source/misc/documentinfo.cxx,
      dbaccess/source/core/dataaccess/ModelImpl.cxx,
      dbaccess/source/core/dataaccess/databasedocument.cxx,
      dbaccess/source/core/inc/ModelImpl.hxx,
      include/comphelper/documentinfo.hxx, include/oox/ole/axcontrol.hxx,
      include/sfx2/docmacromode.hxx, include/sfx2/objsh.hxx,
      include/xmloff/xmlimp.hxx, oox/source/ole/vbaproject.cxx,
      sc/source/filter/excel/xiescher.cxx,
      sc/source/filter/inc/xiescher.hxx,
      sc/source/ui/vba/vbasheetobject.cxx,
      sc/source/ui/vba/vbasheetobject.hxx,
      scripting/source/protocolhandler/scripthandler.cxx,
      sfx2/source/doc/docmacromode.cxx, sfx2/source/doc/objmisc.cxx,
      sfx2/source/doc/objstor.cxx, sfx2/source/doc/objxtor.cxx,
      sfx2/source/doc/sfxbasemodel.cxx, sfx2/source/inc/objshimp.hxx,
      sw/source/filter/html/htmlform.cxx,
      sw/source/filter/html/htmlgrin.cxx, sw/source/filter/html/swhtml.cxx,
      sw/source/filter/ww8/ww8par.cxx, sw/source/filter/ww8/ww8par.hxx,
      sw/source/filter/ww8/ww8par5.cxx, xmloff/source/core/xmlimp.cxx,
      xmloff/source/script/XMLEventImportHelper.cxx.
    - debian/patches/CVE-2022-3140-1.patch: commands are always URLs in
      wizards/source/access2base/DoCmd.xba.
    - debian/patches/CVE-2022-3140-2.patch: filter out unwanted command
      URIs in desktop/source/app/cmdlineargs.cxx.
    - debian/patches/CVE-2022-3140-3.patch: check IFrame FrameURL target in
      sfx2/source/appl/macroloader.cxx, sfx2/source/doc/iframe.cxx,
      sfx2/source/inc/macroloader.hxx, sw/source/filter/html/htmlplug.cxx,
      sw/source/filter/xml/xmltexti.cxx.
    - debian/patches/CVE-2022-3140-4.patch: check impress/calc IFrame
      FrameURL target in xmloff/source/draw/ximpshap.cxx.
    - CVE-2022-3140

 -- Marc Deslauriers <email address hidden> Thu, 13 Oct 2022 08:36:15 -0400

Source diff to previous version
CVE-2020-12801 If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the docum
CVE-2020-12803 ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example,
CVE-2022-26305 An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only
CVE-2022-26306 LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a sin
CVE-2022-26307 LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a sin
CVE-2022-3140 LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice

Version: 1:6.0.7-0ubuntu0.18.04.11 2022-03-15 20:07:21 UTC

  libreoffice (1:6.0.7-0ubuntu0.18.04.11) bionic-security; urgency=medium

  * SECURITY UPDATE: Improper certificate validation
    - debian/patches/CVE-2021-25636.patch: only use X509Data in
      xmlsecurity/inc/xmlsec-wrapper.h,
      xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx,
      xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx.
    - CVE-2021-25636

 -- Marc Deslauriers <email address hidden> Wed, 09 Mar 2022 06:50:02 -0500

Source diff to previous version
CVE-2021-25636 LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occur

Version: 1:6.0.7-0ubuntu0.18.04.10 2019-09-24 15:06:41 UTC

  libreoffice (1:6.0.7-0ubuntu0.18.04.10) bionic-security; urgency=medium

  * SECURITY UPDATE: Unsafe URL assembly flaw in allowed script location check
    - debian/patches/CVE-2019-9854.diff: assemble the parsed url describing a
      script's location from the output of the preceding verification step.
    - CVE-2019-9854

 -- Marcus Tomlinson <email address hidden> Sat, 21 Sep 2019 13:44:15 +0200

Source diff to previous version
CVE-2019-9854 LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document

Version: 1:6.0.7-0ubuntu0.18.04.9 2019-08-19 13:09:00 UTC

  libreoffice (1:6.0.7-0ubuntu0.18.04.9) bionic-security; urgency=medium

  * SECURITY UPDATE: Insufficient URL validation allowing LibreLogo script execution
    - debian/patches/CVE-2019-9850_1_2.diff: decode escape codes and ban scripts
      with "LibreLogo" anywhere in its path.
    - CVE-2019-9850
  * SECURITY UPDATE: LibreLogo global-event script execution
    - debian/patches/CVE-2019-9850_1_2.diff: catch more LibreLogo script executions
      by expanding check to global events.
    - CVE-2019-9851
  * SECURITY UPDATE: Insufficient URL encoding flaw in allowed script location check
    - debian/patches/CVE-2019-9850_1_2.diff: ensure that all URLs leaving
      scriptURI2StorageUri() are percent-encoded.
    - CVE-2019-9852

 -- Marcus Tomlinson <email address hidden> Wed, 14 Aug 2019 15:15:42 +0100

CVE-2019-9850 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained
CVE-2019-9851 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained
CVE-2019-9852 LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document



About   -   Send Feedback to @ubuntu_updates