[ubuntu/focal-updates] libreoffice 1:6.4.7-0ubuntu0.20.04.9 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Thu Dec 14 13:33:55 UTC 2023


libreoffice (1:6.4.7-0ubuntu0.20.04.9) focal-security; urgency=medium

  * SECURITY UPDATE: Improper input validation enabling arbitrary Gstreamer
     pipeline injection
    - debian/patches/CVE-2023-6185.patch: escape url passed to gstreamer
    - CVE-2023-6185
  * SECURITY UPDATE: Link targets allow arbitrary script execution
    - debian/patches/CVE-2023-6186-*.patch: multiple commits to fix
      security issues.
    - CVE-2023-6186
  * patches/CppunitTest_desktop_lib-adjust-asserts-so-this-works.patch:
    - Usage of expired certificates in CppunitTest_desktop_lib:
      adjust asserts so this works again

Date: 2023-12-12 12:57:11.167888+00:00
Changed-By: Rico Tzschichholz <ricotz at web.de>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/libreoffice/1:6.4.7-0ubuntu0.20.04.9
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list