[Bug 1316243] Re: [SRU] Prevent DoS via OOXML
Björn Michaelsen
bjoern.michaelsen at canonical.com
Tue May 6 15:58:55 UTC 2014
updated package is here:
http://people.canonical.com/~bjoern/precise/3.5.7/ubuntu6/libreoffice_3.5.7-0ubuntu6_source.changes
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1316243
Title:
[SRU] Prevent DoS via OOXML
Status in “libreoffice” package in Ubuntu:
Fix Released
Status in “libreoffice” source package in Precise:
New
Bug description:
LibreOffice 3.5.x allows remote attackers to cause a denial of service
(memory corruption) or possibly have unspecified other impact via a
crafted element in an OOXML document file.
SRU data:
[Impact]
* DoS/application termination upon opening crafted file
[Test Case]
* none
[Regression Potential]
* patch affects only OOXML filters for Writer
* change is in all upstream LibreOffice releases since 3.6.7/4.0.4, so regression potential is low
* patch has been considered fine by the security team
[Other Info]
* none
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1316243/+subscriptions
More information about the Ubuntu-sponsors
mailing list