lp://staging/ubuntu/breezy-security/koffice

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

9. By Jonathan Riddell on 2007-01-15

* SECURITY UPDATE: kpdf/kword/xpdf denial of service vulnerability
* kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
  a vulnerability that can cause denial of service (infinite loop)
  via a PDF file that contains a crafted catalog dictionary
  or a crafted Pages attribute that references an invalid page
  tree node.
* Add kubuntu_07_xpdf_vulnerability.diff
* References:
  http://www.kde.org/info/security/advisory-20070115-1.txt
  CVE-2007-0104

8. By Kees Cook on 2006-11-27

* SECURITY UPDATE: interger/buffer overflow in PPT filter code.
* Add debian/patches/99_olefilter-overflow.diff: cap bbd_block counts.
* References
  CVE-2006-6120

7. By Jonathan Riddell on 2006-04-12

* SECURITY UPDATE: Multiple integer/buffer overflows in embedded xpdf code.
* Add debian/patches/kubuntu_03_xpdf_vulnerability.diff:
  - xpdf/JBIG2Stream.cc, xpdf/Stream.h: Fix various integer overflows.
  - Upstream patch from Derek Noonburg.
* CVE-2006-1244

6. By Jonathan Riddell on 2006-01-06

* SECURITY UPDATE: Multiple integer/buffer overflows.
* Update kubuntu_02_xpdf_vulnerability.diff
* xpdf/Stream.cc, CCITTFaxStream::CCITTFaxStream():
  - Check columns for negative or large values.
  - CVE-2005-3624
* xpdf/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
  - Reset numComps to 0 since it's a global variable that is used later.
  - CVE-2005-3627
* xpdf/Stream.cc, DCTStream::readHuffmanTables():
  - Fix out of bounds array access in Huffman tables.
  - CVE-2005-3627
* xpdf/Stream.cc, DCTStream::readMarker():
  - Check for EOF in while loop to prevent endless loops.
  - CVE-2005-3625
* xpdf/JBIG2Stream.cc, JBIG2Bitmap::JBIG2Bitmap(), JBIG2Bitmap::expand(),
  JBIG2Stream::readHalftoneRegionSeg():
  - Check user supplied width and height against invalid values.
  - Allocate one extra byte to prevent out of bounds access in combine().
  - CVE-2005-3628
* References:
    CVE-2005-3626
    CESA-2005-003
    http://www.kde.org/info/security/advisory-20051207-2.txt

5. By Jonathan Riddell on 2005-12-09

* SECURITY UPDATE: Multiple integer/buffer overflows.
* xpdf/Stream.cc, DCTStream::readBaselineSOF(),
  DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
  - Check numComps for invalid values.
  - http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
  - CVE-2005-3191
* xpdf/Stream.cc, StreamPredictor::StreamPredictor():
  - Check rowBytes for invalid values.
  - http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
  - CVE-2005-3192
* xpdf sources do not contain JPXStream.cc, and are thus
  not vulnerable against CVE-2005-3193

4. By Jonathan Riddell on 2005-10-11

* SECURITY UPDATE: fix heap based buffer overflow in the RTF importer of KWord
* Opening specially crafted RTF files in KWord can cause
  execution of abitrary code.
* Add kubuntu_01_rtfimport_heap_overflow.diff
* References:
  CAN-2005-2971
  CESA-2005-005
  http://www.koffice.org/security/advisory-20051011-1.txt

3. By Ben Burton on 2004-05-09

* New upstream bugfix release.
* Built against newer imagemagick (closes: #246623).
* Made koffice-libs/kformula recommend/depend on latex-xft-fonts, which
  provides mathematical fonts that the formula editor can use. Also
  patched the kformula part to make these fonts the default.
* Changed kword menu hint from "WordProcessors" to "Word processors"
  (closes: #246209).
* Spellchecker configuration is now fixed (closes: #221256, #227568).

2. By Ben Burton <email address hidden> on 2002-04-01

* Fixed documentation conflicts (closes: Bug#140688).
* Demo files are all once zipped with no .gz extension (closes: Bug#136288).

1. By Ben Burton <email address hidden> on 2002-04-01

Import upstream version 1.1.1