Univention Bugzilla – Full Text Bug Listing |
Summary: | libreoffice: Memory corruption in RTF processing (4.0) | ||
---|---|---|---|
Product: | UCS | Reporter: | Moritz Muehlenhoff <jmm> |
Component: | Security updates | Assignee: | Daniel Tröder <troeder> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P3 | CC: | gohmann, requate, walkenhorst |
Version: | UCS 4.0 | Flags: | requate:
Patch_Available+
|
Target Milestone: | UCS 4.0-3-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: |
Description
Moritz Muehlenhoff
2014-11-27 10:16:08 CET
Execution of arbitrary code when opening a malformed document due to missing input sanitising in Libreoffice's filter for HWP documents(CVE-2015-1774) Both above are fixed in 1:3.5.4+dfsg2-0+deb7u4. * libreoffice 1:3.5.4+dfsg2-0+deb7u4 was imported and build to scope errata4.0-3 (amd64 build in progress). * YAML (r63405, r63415): 2015-09-02-libreoffice.yaml Build time on dimma for i386: 10h19m ^.^ OK: DEBIAN_FRONTEND=noninteractive aptitude install -y '?source-package(^libreoffice$)?not(?name(udeb))' OK: libreoffice /usr/lib/libreoffice/CREDITS.odt OK: /usr/share/doc/libreoffice/changelog.Debian.gz OK: r63405 OK: r63415 OK: 2015-09-02-libreoffice.yaml OK: CVE-2014-9093 OK: CVE-2015-1774 OK: errata-announce -V 2015-09-02-libreoffice.yaml |