Bug#876001: libwpd: CVE-2017-14226

Rene Engelhard Sun, 17 Sep 2017 05:09:32 -0700

Hi,


On Sun, Sep 17, 2017 at 10:47:06AM +0200, Salvatore Bonaccorso wrote:
> Source: libwpd
> Version: 0.10.1-5
> Severity: important
> Tags: patch security upstream
> Forwarded: https://sourceforge.net/p/libwpd/tickets/14/
> 
> Hi,
> 
> the following vulnerability was published for libwpd.
>
> CVE-2017-14226[0]:
[...]

fixed in 0.10.2-1 for sid. Want this fixed as DSAs for jessie/stretch?

Prepared packages. Debdiffs attached...

Regards,

Rene

diff -Nru libwpd-0.10.1/debian/changelog libwpd-0.10.1/debian/changelog
--- libwpd-0.10.1/debian/changelog      2016-09-12 22:58:36.000000000 +0200
+++ libwpd-0.10.1/debian/changelog      2017-09-17 13:20:30.000000000 +0200
@@ -1,3 +1,10 @@
+libwpd (0.10.1-5+deb9u1) stretch; urgency=medium
+
+  * debian/patches/libwpd-tdf112269.diff: backport patch to fix
+    CVE-2017-14226 (closes: #876001)
+
+ -- Rene Engelhard <r...@debian.org>  Sun, 17 Sep 2017 13:20:30 +0200
+
 libwpd (0.10.1-5) unstable; urgency=medium
 
   * [7d35591] move Maintainer: to Debian LibreOffice Maintainers
diff -Nru libwpd-0.10.1/debian/patches/libwpd-tdf112269.diff 
libwpd-0.10.1/debian/patches/libwpd-tdf112269.diff
--- libwpd-0.10.1/debian/patches/libwpd-tdf112269.diff  1970-01-01 
01:00:00.000000000 +0100
+++ libwpd-0.10.1/debian/patches/libwpd-tdf112269.diff  2017-09-17 
13:20:30.000000000 +0200
@@ -0,0 +1,43 @@
+--- libwpd/src/lib/WP5StylesListener.cpp
++++ libwpd/src/lib/WP5StylesListener.cpp
+@@ -85,8 +85,9 @@
+               m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 0.0);
+               m_currentPage.setPageSpan(1);
+ 
+-              for (std::vector<WPXHeaderFooter>::const_iterator HFiter = 
(m_nextPage.getHeaderFooterList()).begin();
+-                      HFiter != (m_nextPage.getHeaderFooterList()).end(); 
++HFiter)
++              std::vector<WPXHeaderFooter> headerFooterList = 
m_nextPage.getHeaderFooterList();
++              for (std::vector<WPXHeaderFooter>::const_iterator HFiter = 
headerFooterList.begin();
++                      HFiter != headerFooterList.end(); ++HFiter)
+               {
+                       if ((*HFiter).getOccurrence() != NEVER)
+                       {
+--- libwpd/src/lib/WP42StylesListener.cpp
++++ libwpd/src/lib/WP42StylesListener.cpp
+@@ -84,8 +84,9 @@
+                       m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 
0.0);
+                       m_currentPage.setPageSpan(1);
+ 
+-                      for (std::vector<WPXHeaderFooter>::const_iterator 
HFiter = (m_nextPage.getHeaderFooterList()).begin();
+-                              HFiter != 
(m_nextPage.getHeaderFooterList()).end(); ++HFiter)
++                      std::vector<WPXHeaderFooter> headerFooterList = 
m_nextPage.getHeaderFooterList();
++                      for (std::vector<WPXHeaderFooter>::const_iterator 
HFiter = headerFooterList.begin();
++                              HFiter != headerFooterList.end(); ++HFiter)
+                       {
+                               if ((*HFiter).getOccurrence() != NEVER)
+                               {
+--- libwpd/src/lib/WP1StylesListener.cpp
++++ libwpd/src/lib/WP1StylesListener.cpp
+@@ -83,8 +83,9 @@
+                       m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 
0.0);
+                       m_currentPage.setPageSpan(1);
+ 
+-                      for (std::vector<WPXHeaderFooter>::const_iterator 
HFiter = (m_nextPage.getHeaderFooterList()).begin();
+-                              HFiter != 
(m_nextPage.getHeaderFooterList()).end(); ++HFiter)
++                      std::vector<WPXHeaderFooter> headerFooterList = 
m_nextPage.getHeaderFooterList();
++                      for (std::vector<WPXHeaderFooter>::const_iterator 
HFiter = headerFooterList.begin();
++                              HFiter != headerFooterList.end(); ++HFiter)
+                       {
+                               if ((*HFiter).getOccurrence() != NEVER)
+                               {
+
diff -Nru libwpd-0.10.1/debian/patches/series 
libwpd-0.10.1/debian/patches/series
--- libwpd-0.10.1/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ libwpd-0.10.1/debian/patches/series 2017-09-17 13:20:30.000000000 +0200
@@ -0,0 +1 @@
+libwpd-tdf112269.diff

diff -Nru libwpd-0.10.0/debian/changelog libwpd-0.10.0/debian/changelog
--- libwpd-0.10.0/debian/changelog      2014-08-08 00:36:00.000000000 +0200
+++ libwpd-0.10.0/debian/changelog      2017-09-17 13:20:30.000000000 +0200
@@ -1,3 +1,10 @@
+libwpd (0.10.0-2+deb8u1) jessie; urgency=medium
+
+  * debian/patches/libwpd-tdf112269.diff: backport patch to fix
+    CVE-2017-14226 (closes: #876001)
+
+ -- Rene Engelhard <r...@debian.org>  Sun, 17 Sep 2017 13:20:30 +0200
+
 libwpd (0.10.0-2) unstable; urgency=low
 
   * upload to unstable
diff -Nru libwpd-0.10.0/debian/patches/libwpd-tdf112269.diff 
libwpd-0.10.0/debian/patches/libwpd-tdf112269.diff
--- libwpd-0.10.0/debian/patches/libwpd-tdf112269.diff  1970-01-01 
01:00:00.000000000 +0100
+++ libwpd-0.10.0/debian/patches/libwpd-tdf112269.diff  2017-09-17 
13:20:30.000000000 +0200
@@ -0,0 +1,43 @@
+--- libwpd/src/lib/WP5StylesListener.cpp
++++ libwpd/src/lib/WP5StylesListener.cpp
+@@ -85,8 +85,9 @@
+               m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 0.0);
+               m_currentPage.setPageSpan(1);
+ 
+-              for (std::vector<WPXHeaderFooter>::const_iterator HFiter = 
(m_nextPage.getHeaderFooterList()).begin();
+-                      HFiter != (m_nextPage.getHeaderFooterList()).end(); 
++HFiter)
++              std::vector<WPXHeaderFooter> headerFooterList = 
m_nextPage.getHeaderFooterList();
++              for (std::vector<WPXHeaderFooter>::const_iterator HFiter = 
headerFooterList.begin();
++                      HFiter != headerFooterList.end(); ++HFiter)
+               {
+                       if ((*HFiter).getOccurrence() != NEVER)
+                       {
+--- libwpd/src/lib/WP42StylesListener.cpp
++++ libwpd/src/lib/WP42StylesListener.cpp
+@@ -84,8 +84,9 @@
+                       m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 
0.0);
+                       m_currentPage.setPageSpan(1);
+ 
+-                      for (std::vector<WPXHeaderFooter>::const_iterator 
HFiter = (m_nextPage.getHeaderFooterList()).begin();
+-                              HFiter != 
(m_nextPage.getHeaderFooterList()).end(); ++HFiter)
++                      std::vector<WPXHeaderFooter> headerFooterList = 
m_nextPage.getHeaderFooterList();
++                      for (std::vector<WPXHeaderFooter>::const_iterator 
HFiter = headerFooterList.begin();
++                              HFiter != headerFooterList.end(); ++HFiter)
+                       {
+                               if ((*HFiter).getOccurrence() != NEVER)
+                               {
+--- libwpd/src/lib/WP1StylesListener.cpp
++++ libwpd/src/lib/WP1StylesListener.cpp
+@@ -83,8 +83,9 @@
+                       m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 
0.0);
+                       m_currentPage.setPageSpan(1);
+ 
+-                      for (std::vector<WPXHeaderFooter>::const_iterator 
HFiter = (m_nextPage.getHeaderFooterList()).begin();
+-                              HFiter != 
(m_nextPage.getHeaderFooterList()).end(); ++HFiter)
++                      std::vector<WPXHeaderFooter> headerFooterList = 
m_nextPage.getHeaderFooterList();
++                      for (std::vector<WPXHeaderFooter>::const_iterator 
HFiter = headerFooterList.begin();
++                              HFiter != headerFooterList.end(); ++HFiter)
+                       {
+                               if ((*HFiter).getOccurrence() != NEVER)
+                               {
+
diff -Nru libwpd-0.10.0/debian/patches/series 
libwpd-0.10.0/debian/patches/series
--- libwpd-0.10.0/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ libwpd-0.10.0/debian/patches/series 2017-09-17 13:20:30.000000000 +0200
@@ -0,0 +1 @@
+libwpd-tdf112269.diff

Bug#876001: libwpd: CVE-2017-14226

Reply via email to