UbuntuUpdates.org

Package "libreoffice-report-builder-bin"

Name: libreoffice-report-builder-bin

Description:

LibreOffice component for building database reports -- libraries

Latest version: 4:7.6.7-0ubuntu0.23.10.3
Release: mantic (23.10)
Level: security
Repository: universe
Head package: libreoffice
Homepage: http://www.libreoffice.org

Links


Download "libreoffice-report-builder-bin"


Other versions of "libreoffice-report-builder-bin" in Mantic

Repository Area Version
base universe 4:7.6.2-0ubuntu1
updates universe 4:7.6.7-0ubuntu0.23.10.3
PPA: LibreOffice 4:24.2.4~rc2-0ubuntu0.23.10.1~lo1

Changelog

Version: 4:7.6.7-0ubuntu0.23.10.3 2024-07-04 15:07:04 UTC

  libreoffice (4:7.6.7-0ubuntu0.23.10.3) mantic-security; urgency=medium

  * SECURITY UPDATE: TLS certificate are not properly verified when
    utilizing LibreOfficeKit (LP: #2071624)
    - debian/patches/CVE-2024-5261.patch: Revert "LOK: Allow image
      upload from WOPI-like host with self-signed cert"
    - CVE-2024-5261

 -- Rico Tzschichholz <email address hidden> Mon, 01 Jul 2024 16:21:11 +0200

Source diff to previous version
2071624 CVE-2024-5261
CVE-2024-5261 Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be use

Version: 4:7.6.7-0ubuntu0.23.10.2 2024-05-28 13:07:17 UTC

  libreoffice (4:7.6.7-0ubuntu0.23.10.2) mantic-security; urgency=medium

  * No-change rebuild in the -security pocket to fix CVE-2024-3044.

 -- Marc Deslauriers <email address hidden> Fri, 24 May 2024 08:58:38 -0400

Source diff to previous version
CVE-2024-3044 Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt

Version: 4:7.6.4-0ubuntu0.23.10.1 2023-12-11 16:09:59 UTC

  libreoffice (4:7.6.4-0ubuntu0.23.10.1) mantic-security; urgency=medium

  * New upstream release (LP: #2044019)
  * SECURITY UPDATE: Improper input validation enabling arbitrary Gstreamer
    pipeline injection
    - CVE-2023-6185
  * SECURITY UPDATE: Link targets allow arbitrary script execution
    - CVE-2023-6186

  [ Rico Tzschichholz ]
  * debian/patches/fix-arm64-tests.diff:
    - Dropped while it got fixed upsteam
  * debian/patches/fix-armhf-linker.diff:
    - Included upsteam now
  * Update replace-source-sans-in-templates.diff

  [ Rene Engelhard ]
  * debian/rules:
    - readd fonts-crosextra-caladea build-dep; Cambria usage is back
    - re-enable cmis; bump libcmis build-dep to >= 0.6.1
  * debian/control.in:
    - duplicate Replaces: as Breaks: in -uiconfig-*
  * Update patches/we-dont-have-the-needed-fonts.diff and
    patches/adapt-for-new-carlito.diff

 -- Rico Tzschichholz <email address hidden> Thu, 07 Dec 2023 22:10:12 +0100

2044019 [SRU] libreoffice 7.6.3 for mantic
CVE-2023-6185 Improper input validation enabling arbitrary Gstreamer pipeline injection
CVE-2023-6186 Link targets allow arbitrary script execution



About   -   Send Feedback to @ubuntu_updates