According to upstream this issue was fixed in LibreOffice 3.5.5.

** Visibility changed to: Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/973881

Title:
  Vulnerable to the billion laughs attack

Status in “libreoffice” package in Ubuntu:
  Confirmed

Bug description:
  If one alters one of the various XML file formats that LibreOffice supports
(I tested against .docx and .odt - I assume the other formats are also
vulnerable) and inserts the [0] billion laughs 'stock' XML attack into the
document, then when LibreOffice attempts to open the file it will expand the
entities (using 100% CPU and continuing to use more and more memory).
  I will attach an example .odt file where the content.xml inside the zip
container has been modified to this issue.

  [0] http://en.wikipedia.org/wiki/Billion_laughs

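A pre-parse check for the condition the bug description reports, written as an added example (not part of the bug report or of LibreOffice): it scans the XML members of an .odt/.docx zip container for DTD or entity declarations before the file reaches a parser. The function names, the constructed sample documents and the policy of reporting any DTD are assumptions of this example.

```python
import io
import re
import zipfile

# Policy assumed by this example: document XML inside .odt/.docx containers
# has no legitimate need for a DTD, so any declaration is reported.
DTD_MARKER = re.compile(rb"<!(?:DOCTYPE|ENTITY)\b")
CHUNK = 64 * 1024


def has_dtd(stream) -> bool:
    """Scan a decompressed member in constant memory for a DTD marker."""
    tail = b""
    while chunk := stream.read(CHUNK):
        # Dropping NUL bytes lets one ASCII pattern also match UTF-16/32 text.
        data = tail + chunk.replace(b"\x00", b"")
        if DTD_MARKER.search(data):
            return True
        tail = data[-16:]  # keep an overlap so a split marker is still seen
    return False


def suspicious_members(container: bytes) -> list[str]:
    """Return the XML members of a zip container that declare a DTD/entity."""
    with zipfile.ZipFile(io.BytesIO(container)) as zf:
        names = [n for n in zf.namelist() if n.lower().endswith((".xml", ".rels"))]
        hits = []
        for name in names:
            with zf.open(name) as member:
                if has_dtd(member):
                    hits.append(name)
    return hits


def make_odt(content_xml: bytes) -> bytes:
    """Build a minimal in-memory .odt-like zip (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("mimetype", "application/vnd.oasis.opendocument.text")
        zf.writestr("content.xml", content_xml)
    return buf.getvalue()


# Constructed samples: one plain document, one declaring a single harmless entity.
CLEAN = make_odt(b'<?xml version="1.0"?><doc>hello</doc>')
FLAGGED = make_odt(b'<?xml version="1.0"?><!DOCTYPE doc [<!ENTITY a "x">]><doc>&a;</doc>')

if __name__ == "__main__":
    print(suspicious_members(CLEAN), suspicious_members(FLAGGED))
```

A reported member means the file should be rejected or handed only to a parser with entity expansion disabled or bounded; a match inside a comment or CDATA section is also reported, which errs on the side of caution.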