UbuntuUpdates.org

Package "libreoffice-report-builder-bin"

Name: libreoffice-report-builder-bin

Description:

LibreOffice component for building database reports -- libraries

Latest version: 4:7.6.7-0ubuntu0.23.10.3
Release: mantic (23.10)
Level: updates
Repository: universe
Head package: libreoffice
Homepage: http://www.libreoffice.org

Links


Download "libreoffice-report-builder-bin"


Other versions of "libreoffice-report-builder-bin" in Mantic

Repository Area Version
base universe 4:7.6.2-0ubuntu1
security universe 4:7.6.7-0ubuntu0.23.10.3
PPA: LibreOffice 4:24.2.4~rc2-0ubuntu0.23.10.1~lo1

Changelog

Version: 4:7.6.7-0ubuntu0.23.10.3 2024-07-04 18:07:10 UTC

  libreoffice (4:7.6.7-0ubuntu0.23.10.3) mantic-security; urgency=medium

  * SECURITY UPDATE: TLS certificate are not properly verified when
    utilizing LibreOfficeKit (LP: #2071624)
    - debian/patches/CVE-2024-5261.patch: Revert "LOK: Allow image
      upload from WOPI-like host with self-signed cert"
    - CVE-2024-5261

 -- Rico Tzschichholz <email address hidden> Mon, 01 Jul 2024 16:21:11 +0200

Source diff to previous version
2071624 CVE-2024-5261
CVE-2024-5261 Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be use

Version: 4:7.6.7-0ubuntu0.23.10.2 2024-05-28 15:07:14 UTC

  libreoffice (4:7.6.7-0ubuntu0.23.10.2) mantic-security; urgency=medium

  * No-change rebuild in the -security pocket to fix CVE-2024-3044.

 -- Marc Deslauriers <email address hidden> Fri, 24 May 2024 08:58:38 -0400

Source diff to previous version
CVE-2024-3044 Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt

Version: 4:7.6.6-0ubuntu0.23.10.1 2024-05-01 11:06:56 UTC

  libreoffice (4:7.6.6-0ubuntu0.23.10.1) mantic; urgency=medium

  * New upstream release (LP: #2058687)
  * debian/rules:
    - also suggest libreoffice-{hyphenation,spellcheck}-tr in -l10n-tr
      and libreoffice-{hyphenation,spellcheck}-fr in -l10n-fr (as for fi)

 -- Rico Tzschichholz <email address hidden> Thu, 21 Mar 2024 20:20:29 +0100

Source diff to previous version
2058687 [SRU] libreoffice 7.6.6 for mantic

Version: 4:7.6.5-0ubuntu0.23.10.1 2024-03-07 18:06:55 UTC

  libreoffice (4:7.6.5-0ubuntu0.23.10.1) mantic; urgency=medium

  * New upstream release (LP: #2054111)

  [ Rene Engelhard ]
  * debian/rules:
    - Don't remove libforuilo.so in -core-nogui. It's subsumed in
      libmerged on 64bit archs only (similar as libuuilo.so).
    - Build with --disable-split-debug on riscv64 to resolve GDB
      debugging issues
  * debian/patches/fix-riscv64-bridge.diff: More riscv64 bridge
    fixes from https://gerrit.libreoffice.org/c/core/+/160970

 -- Rico Tzschichholz <email address hidden> Wed, 21 Feb 2024 18:58:24 +0100

Source diff to previous version
2054111 [SRU] libreoffice 7.6.5 for mantic

Version: 4:7.6.4-0ubuntu0.23.10.1 2023-12-11 17:09:03 UTC

  libreoffice (4:7.6.4-0ubuntu0.23.10.1) mantic-security; urgency=medium

  * New upstream release (LP: #2044019)
  * SECURITY UPDATE: Improper input validation enabling arbitrary Gstreamer
    pipeline injection
    - CVE-2023-6185
  * SECURITY UPDATE: Link targets allow arbitrary script execution
    - CVE-2023-6186

  [ Rico Tzschichholz ]
  * debian/patches/fix-arm64-tests.diff:
    - Dropped while it got fixed upsteam
  * debian/patches/fix-armhf-linker.diff:
    - Included upsteam now
  * Update replace-source-sans-in-templates.diff

  [ Rene Engelhard ]
  * debian/rules:
    - readd fonts-crosextra-caladea build-dep; Cambria usage is back
    - re-enable cmis; bump libcmis build-dep to >= 0.6.1
  * debian/control.in:
    - duplicate Replaces: as Breaks: in -uiconfig-*
  * Update patches/we-dont-have-the-needed-fonts.diff and
    patches/adapt-for-new-carlito.diff

 -- Rico Tzschichholz <email address hidden> Thu, 07 Dec 2023 22:10:12 +0100

2044019 [SRU] libreoffice 7.6.3 for mantic
CVE-2023-6185 Improper input validation enabling arbitrary Gstreamer pipeline injection
CVE-2023-6186 Link targets allow arbitrary script execution



About   -   Send Feedback to @ubuntu_updates