UbuntuUpdates.org

Package "libreoffice"

Name: libreoffice

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • office productivity suite -- English_british language package
  • office productivity suite -- English_southafrican language package
  • office productivity suite -- Esperanto language package
  • office productivity suite -- Spanish language package
Latest version: 4:7.6.7-0ubuntu0.23.10.3
Release: mantic (23.10)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "libreoffice" in Mantic

Repository Area Version
base universe 4:7.6.2-0ubuntu1
base main 4:7.6.2-0ubuntu1
security main 4:7.6.7-0ubuntu0.23.10.3
security universe 4:7.6.7-0ubuntu0.23.10.3
updates universe 4:7.6.7-0ubuntu0.23.10.3
PPA: LibreOffice 4:24.2.4~rc2-0ubuntu0.23.10.1~lo1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4:7.6.7-0ubuntu0.23.10.3 2024-07-04 18:07:09 UTC

  libreoffice (4:7.6.7-0ubuntu0.23.10.3) mantic-security; urgency=medium

  * SECURITY UPDATE: TLS certificate are not properly verified when
    utilizing LibreOfficeKit (LP: #2071624)
    - debian/patches/CVE-2024-5261.patch: Revert "LOK: Allow image
      upload from WOPI-like host with self-signed cert"
    - CVE-2024-5261

 -- Rico Tzschichholz <email address hidden> Mon, 01 Jul 2024 16:21:11 +0200
Source diff to previous version
2071624 CVE-2024-5261
CVE-2024-5261 Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be use

Version: 4:7.6.7-0ubuntu0.23.10.2 2024-05-28 15:07:13 UTC

  libreoffice (4:7.6.7-0ubuntu0.23.10.2) mantic-security; urgency=medium

  * No-change rebuild in the -security pocket to fix CVE-2024-3044.

 -- Marc Deslauriers <email address hidden> Fri, 24 May 2024 08:58:38 -0400
Source diff to previous version
CVE-2024-3044 Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt

Version: 4:7.6.6-0ubuntu0.23.10.1 2024-05-01 12:07:07 UTC

  libreoffice (4:7.6.6-0ubuntu0.23.10.1) mantic; urgency=medium

  * New upstream release (LP: #2058687)
  * debian/rules:
    - also suggest libreoffice-{hyphenation,spellcheck}-tr in -l10n-tr
      and libreoffice-{hyphenation,spellcheck}-fr in -l10n-fr (as for fi)

 -- Rico Tzschichholz <email address hidden> Thu, 21 Mar 2024 20:20:29 +0100
Source diff to previous version
2058687 [SRU] libreoffice 7.6.6 for mantic

Version: 4:7.6.5-0ubuntu0.23.10.1 2024-03-07 18:06:54 UTC

  libreoffice (4:7.6.5-0ubuntu0.23.10.1) mantic; urgency=medium

  * New upstream release (LP: #2054111)

  [ Rene Engelhard ]
  * debian/rules:
    - Don't remove libforuilo.so in -core-nogui. It's subsumed in
      libmerged on 64bit archs only (similar as libuuilo.so).
    - Build with --disable-split-debug on riscv64 to resolve GDB
      debugging issues
  * debian/patches/fix-riscv64-bridge.diff: More riscv64 bridge
    fixes from https://gerrit.libreoffice.org/c/core/+/160970

 -- Rico Tzschichholz <email address hidden> Wed, 21 Feb 2024 18:58:24 +0100
Source diff to previous version
2054111 [SRU] libreoffice 7.6.5 for mantic

Version: 4:7.6.4-0ubuntu0.23.10.1 2023-12-11 17:09:03 UTC

  libreoffice (4:7.6.4-0ubuntu0.23.10.1) mantic-security; urgency=medium

  * New upstream release (LP: #2044019)
  * SECURITY UPDATE: Improper input validation enabling arbitrary Gstreamer
    pipeline injection
    - CVE-2023-6185
  * SECURITY UPDATE: Link targets allow arbitrary script execution
    - CVE-2023-6186

  [ Rico Tzschichholz ]
  * debian/patches/fix-arm64-tests.diff:
    - Dropped while it got fixed upsteam
  * debian/patches/fix-armhf-linker.diff:
    - Included upsteam now
  * Update replace-source-sans-in-templates.diff

  [ Rene Engelhard ]
  * debian/rules:
    - readd fonts-crosextra-caladea build-dep; Cambria usage is back
    - re-enable cmis; bump libcmis build-dep to >= 0.6.1
  * debian/control.in:
    - duplicate Replaces: as Breaks: in -uiconfig-*
  * Update patches/we-dont-have-the-needed-fonts.diff and
    patches/adapt-for-new-carlito.diff

 -- Rico Tzschichholz <email address hidden> Thu, 07 Dec 2023 22:10:12 +0100
2044019 [SRU] libreoffice 7.6.3 for mantic
CVE-2023-6185 Improper input validation enabling arbitrary Gstreamer pipeline injection
CVE-2023-6186 Link targets allow arbitrary script execution


About   -   Send Feedback to @ubuntu_updates