[Git][security-tracker-team/security-tracker][master] CVE-2025-1080/libreoffice

[@rouca]

Bastien Roucariès pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
54aab34d by Bastien Roucariès at 2025-06-14T11:13:21+02:00
CVE-2025-1080/libreoffice

Before tdf#100837 URL are not interpreted on command line

Version according to configure.ac version string of particular commit

For documentation purpose

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32312,6 +32312,7 @@ CVE-2025-1080 (LibreOffice supports Office URI Schemes 
to enable browser integra
        NOTE: 
https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080
        NOTE: https://gerrit.libreoffice.org/c/core/+/181016
        NOTE: Fixed by: 
https://git.libreoffice.org/core/commit/7105fb698f897ddb38bd60315444c07356689e14
+       NOTE: Vulnerable logic (function CheckOfficeURI) introduced by: 
https://github.com/LibreOffice/core/commit/4311e8fb88c334cccad6f577610e1af8ae75bc59
 (5.3.0.0.alpha0+)
 CVE-2025-0958 (The Ultimate WordPress Auction Plugin plugin for WordPress is 
vulnerab ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-0512 (The Structured Content (JSON-LD) #wpsc plugin for WordPress is 
vulnera ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54aab34d29dd7650e16ff307188df51f85d63f37

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54aab34d29dd7650e16ff307188df51f85d63f37
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits