[ubuntu/xenial-security] libreoffice 1:5.1.6~rc2-0ubuntu1~xenial8 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jul 17 18:11:35 UTC 2019

libreoffice (1:5.1.6~rc2-0ubuntu1~xenial8) xenial-security; urgency=medium

  * SECURITY UPDATE: LibreLogo arbitrary script execution
    - debian/patches/CVE-2019-9848.diff: don't allow LibreLogo to be used with
      mouseover/etc dom-alike events.
    - CVE-2019-9848
  * SECURITY UPDATE: Remote bullet graphics retrieved in 'stealth mode'
    - debian/patches/CVE-2019-9849.diff: include bullet graphics in 'stealth
      mode' protection.
    - CVE-2019-9849

libreoffice (1:5.1.6~rc2-0ubuntu1~xenial7) xenial; urgency=medium

  [ Ikuya Awashiro ]
  * debian/patches/new-japanese-era-name.patch (LP: #1827451):
    Add new Japanse era name "Reiwa" support which taken from upstream:

   [ Olivier Tilloy ]
   * debian/patches/java.vendor-Ubuntu.patch: update to also recognize
     "Private Build" as java.vendor (for custom PPA builds) (LP: #1822839)
   * debian/patches/java.vendor-Ubuntu.patch: also make jvmfwk recognize
     "Ubuntu" as java.vendor (LP: #1822839)
   [ Rene Engelhard ]
   * debian/patches/java.vendor-Debian.diff: make jvmfwk recognize "Debian"
     as java.vendor as that's what is set in openjdk 11 >= 11.0.3+4-2
     - see #926009 (closes: #926318) (LP: #1822839)

Date: 2019-07-16 23:42:16.733737+00:00
Changed-By: Marcus Tomlinson <marcus.tomlinson at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Xenial-changes mailing list