This bug was fixed in the package libreoffice-l10n -
1:5.4.5-0ubuntu0.17.10.1
---------------
libreoffice-l10n (1:5.4.5-0ubuntu0.17.10.1) artful; urgency=medium
* New upstream release (LP: #1748999)
- fixes CVE-2018-6871: Remote arbitrary file disclosure vulnerability via
WEBSERVICE formula
* debian/patches/apparmor-senddoc-fixes.patch: apparmor fixes for the
senddoc profile (LP: #1748895)
-- Olivier Tilloy <[email protected]> Tue, 13 Feb 2018
11:25:01 +0100
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice-l10n in Ubuntu.
https://bugs.launchpad.net/bugs/1748999
Title:
[SRU] libreoffice 5.4.5 for artful
Status in libreoffice package in Ubuntu:
Fix Released
Status in libreoffice-l10n package in Ubuntu:
Fix Released
Bug description:
[Impact]
* LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line.
Version 5.4.4 is currently in artful-proposed.
For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in
the RC1:
https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs
* Given the nature of the project, the complexity of the codebase and
the high level of quality assurance upstream, it is preferable to SRU
a minor release rather than cherry-pick selected bug fixes.
* Libreoffice 5.4.5 fixes CVE-2018-6871
[Test Case]
* CVE-2018-6871 should be verified to be fixed
* No other specific test case, bugs fixed upstream hopefully come
with unit/regression tests, and the release itself is extensively
exercised upstream (both in an automated manner and manually) by a
community of testers. Each minor release usually goes through two
release candidates, but 5.4.5 was initially unscheduled and it had a
shortened cycle (only a single RC).
* The libreoffice packages include autopkgtests, those should be run
and verified to pass.
* General smoke testing of all the applications in the office suite
should be carried out.
[Regression Potential]
* A minor release with a total of 69 bug fixes always carries the
potential for introducing regressions, even though it is a bugfix-only
release, meaning that no new features were added, and no existing
features were removed.
* A combination of autopkgtests and careful smoke testing as
described above should provide reasonable confidence that no
regressions sneaked in.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
