lp://staging/ubuntu/hoary-security/openoffice.org
- Get this branch:
- bzr branch lp://staging/ubuntu/hoary-security/openoffice.org
Branch merges
Branch information
Recent revisions
- 5. By Martin Pitt
-
* SECURITY UPDATE: Arbitrary code execution with crafted documents.
* Took patches from Debian's 1.1.3-9sarge1 and 1.1.3-9sarge2, thanks to Rene
Engelhard!
* ooo-build/patches/ OOO_1_1/ sax+source+ expatwrap+ xml2utf. cxx.diff:
security patch again (from upstream); fix memory corruption bug;
it was possible to write values to arbritrary memory when
opening special files. (CVE-2006-3117)
* ooo-build/patches/ OOO_1_1/ 6438334- macros- so7-sfx2. diff: add patch
from upstream to fix macro handling security bug; it was possible to
embed macros in documents without OOo seeing them and executing them
without any user interaction. (CVE-2006-2198)
* ooo-build/patches/ OOO_1_1/ 6438333- applets- so7-officecfg. diff: add patch
from upstream to disable Java applets feature because it's possible
to write Java applets breaking out of the sandbox (NB: the normal
packages don't build with Java so are not affected, but the
openoffice.org-java addon package is) (CVE-2006-2199)
* debian/scripts/ vars.i386: disable mozab on i386, too; uses mozilla
*1.0* code and is a security nightmare. Already done pre-sarge for ppc,
s390 and sparc but forgotten for i386 :/
* debian/MANIFEST. i386: update - 4. By Martin Pitt
-
* SECURITY UPDATE: Fix buffer overflow on malicious documents.
* Added patch CAN-2005-0941.patch:
- util/sot/source/ sdstor/ stgole. cxx(), StgCompObjStrea m::Load( ): Ignore
the upper 16 bits of document-specified length (32 bit) since at
allocation it is truncated to a 16-bit value, which can lead to
wraparounds. [CAN-2005-0941] - 3. By Matthias Klose
-
* Prefer a working font for the greek ui serif font. Ubuntu #2374.
* Hide more seldom used OOo menu entries.
* Fix display of accented characters for documents created with
the OOo version from warty. Ubuntu #7538. - 2. By Nathaniel McCallum <email address hidden>
-
* ooo-build/
patches/ OOO_1_1_ 2/apply: add these new patches
- ooo-build/patches/ OOO_1_1/ security- tmp-dir. diff: upstream security fix
. Ubuntu bug #1308
- ooo-build/patches/ OOO_1_1/ gnome_desktop_ files.diff:
. combines desktop-menu-names. diff and desktop-mime.diff. bug #1188
. add rtf mimetypes to Writer's mimetypes. bug #1638
. add ppt mimetype to Impress's mimetypes. bug #1494
- ooo-build/patches/ OOO_1_1/ ubuntu- splash. diff:
. add Ubuntu as the vendor
. reset splash to default OOo splash. bug #1076
* ooo-build/patches/ OOO_1_1_ 2/apply: remove the patches replaced
. debian-splash.diff
. desktop-menu-names. diff
. desktop-mime.diff
* debian/rules: don't build debian splash image
* debian/rules: don't change translations for woody
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)