subject:"\[Bug 2095307\] Re\: CVE\-2024\-12425 and CVE\-2024\-12426"

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-27 Thread Marc Deslauriers

These updates have been published. Thanks!

https://ubuntu.com/security/notices/USN-7228-1

** Changed in: libreoffice (Ubuntu Focal)
   Status: In Progress => Fix Released

** Changed in: libreoffice (Ubuntu Jammy)
   Status: In Progress => Fix Released

** Changed in: libreoffice (Ubuntu Noble)
   Status: In Progress => Fix Released

** Changed in: libreoffice (Ubuntu Oracular)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-24 Thread Marc Deslauriers

Thanks for these! I'll upload them for building and will release them
when done.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-24 Thread Rico Tzschichholz

** Description changed:

  CVE-2024-12425: "Path traversal leading to arbitrary .ttf file write"
  https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425/
  https://ubuntu.com/security/CVE-2024-12425
  
- 
  CVE-2024-12426: "URL fetching can be used to exfiltrate arbitrary INI file 
values and environment variables"
  https://www.libreoffice.org/about-us/security/advisories/cve-2024-12426/
  https://ubuntu.com/security/CVE-2024-12426
+ 
+ 
+ focal: 
https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/focal-6.4
+ jammy: 
https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/jammy-7.3
+ noble: 
https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/noble-24.2

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-24 Thread Rico Tzschichholz

https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/16934879/+listing-
archive-extra

** Patch added: "libreoffice_6.4.7-0ubuntu0.20.04.13.diff"
   
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+attachment/5853641/+files/libreoffice_6.4.7-0ubuntu0.20.04.13.diff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-24 Thread Rico Tzschichholz

https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/16934335/+listing-
archive-extra

** Changed in: libreoffice (Ubuntu Focal)
   Importance: Undecided => High

** Changed in: libreoffice (Ubuntu Focal)
   Status: New => In Progress

** Changed in: libreoffice (Ubuntu Focal)
 Assignee: (unassigned) => Rico Tzschichholz (ricotz)

** Patch added: "libreoffice_7.3.7-0ubuntu0.22.04.8.diff"
   
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+attachment/5853639/+files/libreoffice_7.3.7-0ubuntu0.22.04.8.diff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-24 Thread Rico Tzschichholz

https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/16934338/+listing-
archive-extra

** Patch added: "libreoffice_24.2.7-0ubuntu0.24.04.2.diff"
   
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+attachment/5853640/+files/libreoffice_24.2.7-0ubuntu0.24.04.2.diff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-23 Thread Rico Tzschichholz

** Patch removed: "libreoffice_24.2.7-0ubuntu0.24.04.2.diff"
   
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+attachment/5853491/+files/libreoffice_24.2.7-0ubuntu0.24.04.2.diff

** Changed in: libreoffice (Ubuntu Jammy)
   Status: New => In Progress

** Changed in: libreoffice (Ubuntu Jammy)
   Importance: Undecided => High

** Changed in: libreoffice (Ubuntu Jammy)
 Assignee: (unassigned) => Rico Tzschichholz (ricotz)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-22 Thread Rico Tzschichholz

Test build was done at
https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/16889631/+listing-
archive-extra

** Patch added: "libreoffice_24.2.7-0ubuntu0.24.04.2.diff"
   
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+attachment/5853491/+files/libreoffice_24.2.7-0ubuntu0.24.04.2.diff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-20 Thread Rico Tzschichholz

** Changed in: libreoffice (Ubuntu Noble)
   Status: New => In Progress

** Changed in: libreoffice (Ubuntu Noble)
   Importance: Undecided => Critical

** Changed in: libreoffice (Ubuntu Noble)
   Importance: Critical => High

** Changed in: libreoffice (Ubuntu Oracular)
   Importance: Undecided => High

** Changed in: libreoffice (Ubuntu Noble)
 Assignee: (unassigned) => Rico Tzschichholz (ricotz)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

2025-01-20 Thread Rico Tzschichholz

For oracular, the security no-change rebuild can be issued after the SRU was 
accepted into oracular-updates
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2091971

** Changed in: libreoffice (Ubuntu Oracular)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095307

Title:
  CVE-2024-12425 and CVE-2024-12426

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2095307/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

[Bug 2095307] Re: CVE-2024-12425 and CVE-2024-12426

10 matches

Site Navigation

Mail list logo

Footer information