This bug was fixed in the package libreoffice - 1:3.5.7-0ubuntu6.1
---------------
libreoffice (1:3.5.7-0ubuntu6.1) precise; urgency=medium
* guard symlink change for special cased platforms
libreoffice (1:3.5.7-0ubuntu6) precise; urgency=low
[ Ritesh Khadgaray ]
* fix symlink permissions (LP: #1200277)
[ Bjoern Michaelsen ]
* add OOXML fix (LP: #1316243)
* drop unused and upstreamed patches:
- lp-1194740-fdo-50304-fix-xls-row-height-again.diff
- lp-1194740-fdo-51878-fix-regression-of-size-ballooning.diff
-- Bjoern Michaelsen <bjoern.michael...@canonical.com> Thu, 08 May 2014
23:48:13 +0200
** Changed in: libreoffice (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/1316243
Title:
[SRU] Prevent DoS via OOXML
Status in “libreoffice” package in Ubuntu:
Fix Released
Status in “libreoffice” source package in Precise:
Fix Released
Bug description:
LibreOffice 3.5.x allows remote attackers to cause a denial of service
(memory corruption) or possibly have unspecified other impact via a
crafted element in an OOXML document file.
SRU data:
[Impact]
* DoS/application termination upon opening crafted file
[Test Case]
* none
[Regression Potential]
* patch affects only OOXML filters for Writer
* change is in all upstream LibreOffice releases since 3.6.7/4.0.4, so
regression potential is low
* patch has been considered fine by the security team
[Other Info]
* none
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1316243/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
