lp://staging/ubuntu/hoary-security/openoffice.org

Created by James Westby and last modified
Get this branch:
bzr branch lp://staging/ubuntu/hoary-security/openoffice.org

Branch information

Owner: Ubuntu branches
Review team: Ubuntu Development Team
Status: Development

Recent revisions

5. By Martin Pitt

* SECURITY UPDATE: Arbitrary code execution with crafted documents.
* Took patches from Debian's 1.1.3-9sarge1 and 1.1.3-9sarge2, thanks to Rene
  Engelhard!
* ooo-build/patches/OOO_1_1/sax+source+expatwrap+xml2utf.cxx.diff:
  security patch again (from upstream); fix memory corruption bug;
  it was possible to write values to arbitrary memory when
  opening special files. (CVE-2006-3117)
* ooo-build/patches/OOO_1_1/6438334-macros-so7-sfx2.diff: add patch
  from upstream to fix macro handling security bug; it was possible to
  embed macros in documents without OOo seeing them and executing them
  without any user interaction. (CVE-2006-2198)
* ooo-build/patches/OOO_1_1/6438333-applets-so7-officecfg.diff: add patch
  from upstream to disable Java applets feature because it's possible
  to write Java applets breaking out of the sandbox (NB: the normal
  packages don't build with Java so are not affected, but the
  openoffice.org-java addon package is) (CVE-2006-2199)
* debian/scripts/vars.i386: disable mozab on i386, too; uses mozilla
  *1.0* code and is a security nightmare. Already done pre-sarge for ppc,
  s390 and sparc but forgotten for i386 :/
* debian/MANIFEST.i386: update

4. By Martin Pitt

* SECURITY UPDATE: Fix buffer overflow on malicious documents.
* Added patch CAN-2005-0941.patch:
  - util/sot/source/sdstor/stgole.cxx(), StgCompObjStream::Load(): Ignore
    the upper 16 bits of document-specified length (32 bit) since at
    allocation it is truncated to a 16-bit value, which can lead to
    wraparounds. [CAN-2005-0941]

3. By Matthias Klose

* Prefer a working font for the Greek ui serif font. Ubuntu #2374.
* Hide more seldom used OOo menu entries.
* Fix display of accented characters for documents created with
  the OOo version from warty. Ubuntu #7538.

2. By Nathaniel McCallum <email address hidden>

* ooo-build/patches/OOO_1_1_2/apply: add these new patches
  - ooo-build/patches/OOO_1_1/security-tmp-dir.diff: upstream security fix
      . Ubuntu bug #1308
  - ooo-build/patches/OOO_1_1/gnome_desktop_files.diff:
      . combines desktop-menu-names.diff and desktop-mime.diff. bug #1188
      . add rtf mimetypes to Writer's mimetypes. bug #1638
      . add ppt mimetype to Impress's mimetypes. bug #1494
  - ooo-build/patches/OOO_1_1/ubuntu-splash.diff:
      . add Ubuntu as the vendor
      . reset splash to default OOo splash. bug #1076
* ooo-build/patches/OOO_1_1_2/apply: remove the patches replaced
    . debian-splash.diff
    . desktop-menu-names.diff
    . desktop-mime.diff
* debian/rules: don't build debian splash image
* debian/rules: don't change translations for woody

1. By Nathaniel McCallum <email address hidden>

Import upstream version 1.1.2

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)