[Bug 1316243] Re: [SRU] Prevent DoS via OOXML

Björn Michaelsen bjoern.michaelsen at canonical.com
Tue May 6 17:00:39 UTC 2014


** Changed in: libreoffice (Ubuntu Precise)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1316243

Title:
  [SRU] Prevent DoS via OOXML

Status in “libreoffice” package in Ubuntu:
  Fix Released
Status in “libreoffice” source package in Precise:
  In Progress

Bug description:
  LibreOffice 3.5.x allows remote attackers to cause a denial of service
  (memory corruption) or possibly have unspecified other impact via a
  crafted element in an OOXML document file.

  SRU data:

  [Impact]

   * DoS/application termination upon opening crafted file

  [Test Case]

   * none

  [Regression Potential]

   * patch affects only OOXML filters for Writer
   * change is in all upstream LibreOffice releases since 3.6.7/4.0.4, so regression potential is low
   * patch has been considered fine by the security team

  [Other Info]
   * none

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1316243/+subscriptions



More information about the Ubuntu-sponsors mailing list