lp://staging/ubuntu/breezy-security/koffice
- Get this branch:
- bzr branch lp://staging/ubuntu/breezy-security/koffice
Branch merges
Branch information
Recent revisions
- 9. By Jonathan Riddell
-
* SECURITY UPDATE: kpdf/kword/xpdf denial of service vulnerability
* kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
a vulnerability that can cause denial of service (infinite loop)
via a PDF file that contains a crafted catalog dictionary
or a crafted Pages attribute that references an invalid page
tree node.
* Add kubuntu_07_xpdf_ vulnerability. diff
* References:
http://www.kde. org/info/ security/ advisory- 20070115- 1.txt
CVE-2007-0104 - 8. By Kees Cook
-
* SECURITY UPDATE: interger/buffer overflow in PPT filter code.
* Add debian/patches/ 99_olefilter- overflow. diff: cap bbd_block counts.
* References
CVE-2006-6120 - 7. By Jonathan Riddell
-
* SECURITY UPDATE: Multiple integer/buffer overflows in embedded xpdf code.
* Add debian/patches/ kubuntu_ 03_xpdf_ vulnerability. diff:
- xpdf/JBIG2Stream.cc, xpdf/Stream.h: Fix various integer overflows.
- Upstream patch from Derek Noonburg.
* CVE-2006-1244 - 6. By Jonathan Riddell
-
* SECURITY UPDATE: Multiple integer/buffer overflows.
* Update kubuntu_02_xpdf_ vulnerability. diff
* xpdf/Stream.cc, CCITTFaxStream::CCITTFaxStream ():
- Check columns for negative or large values.
- CVE-2005-3624
* xpdf/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
- Reset numComps to 0 since it's a global variable that is used later.
- CVE-2005-3627
* xpdf/Stream.cc, DCTStream::readHuffmanTab les():
- Fix out of bounds array access in Huffman tables.
- CVE-2005-3627
* xpdf/Stream.cc, DCTStream::readMarker( ):
- Check for EOF in while loop to prevent endless loops.
- CVE-2005-3625
* xpdf/JBIG2Stream.cc, JBIG2Bitmap: :JBIG2Bitmap( ), JBIG2Bitmap: :expand( ),
JBIG2Stream::readHalftoneRe gionSeg( ):
- Check user supplied width and height against invalid values.
- Allocate one extra byte to prevent out of bounds access in combine().
- CVE-2005-3628
* References:
CVE-2005-3626
CESA-2005-003
http://www.kde. org/info/ security/ advisory- 20051207- 2.txt - 5. By Jonathan Riddell
-
* SECURITY UPDATE: Multiple integer/buffer overflows.
* xpdf/Stream.cc, DCTStream::readBaselineSO F(),
DCTStream::readProgressiv eSOF(), DCTStream: :readScanInfo( ):
- Check numComps for invalid values.
- http://www.idefense. com/application /poi/display? id=342& type=vulnerabil ities
- CVE-2005-3191
* xpdf/Stream.cc, StreamPredictor::StreamPredict or():
- Check rowBytes for invalid values.
- http://www.idefense. com/application /poi/display? id=344& type=vulnerabil ities
- CVE-2005-3192
* xpdf sources do not contain JPXStream.cc, and are thus
not vulnerable against CVE-2005-3193 - 4. By Jonathan Riddell
-
* SECURITY UPDATE: fix heap based buffer overflow in the RTF importer of KWord
* Opening specially crafted RTF files in KWord can cause
execution of abitrary code.
* Add kubuntu_01_rtfimport_ heap_overflow. diff
* References:
CAN-2005-2971
CESA-2005-005
http://www.koffice. org/security/ advisory- 20051011- 1.txt - 3. By Ben Burton
-
* New upstream bugfix release.
* Built against newer imagemagick (closes: #246623).
* Made koffice-libs/kformula recommend/depend on latex-xft-fonts, which
provides mathematical fonts that the formula editor can use. Also
patched the kformula part to make these fonts the default.
* Changed kword menu hint from "WordProcessors" to "Word processors"
(closes: #246209).
* Spellchecker configuration is now fixed (closes: #221256, #227568). - 2. By Ben Burton <email address hidden>
-
* Fixed documentation conflicts (closes: Bug#140688).
* Demo files are all once zipped with no .gz extension (closes: Bug#136288).
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/karmic/koffice