subject:"\[Desktop\-packages\] \[Bug 1748999\] Re\: \[SRU\] libreoffice 5.4.5 for artful"

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

2018-02-21 Thread Launchpad Bug Tracker

This bug was fixed in the package libreoffice-l10n -
1:5.4.5-0ubuntu0.17.10.1

---
libreoffice-l10n (1:5.4.5-0ubuntu0.17.10.1) artful; urgency=medium

  * New upstream release (LP: #1748999)
- fixes CVE-2018-6871: Remote arbitrary file disclosure vulnerability via
  WEBSERVICE formula
  * debian/patches/apparmor-senddoc-fixes.patch: apparmor fixes for the
senddoc profile (LP: #1748895)

 -- Olivier Tilloy   Tue, 13 Feb 2018
11:25:01 +0100

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice-l10n in Ubuntu.
https://bugs.launchpad.net/bugs/1748999

Title:
  [SRU] libreoffice 5.4.5 for artful

Status in libreoffice package in Ubuntu:
  Fix Released
Status in libreoffice-l10n package in Ubuntu:
  Fix Released

Bug description:
  [Impact]

   * LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line. 
Version 5.4.4 is currently in artful-proposed.
 For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in 
the RC1:
   https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs

   * Given the nature of the project, the complexity of the codebase and
  the high level of quality assurance upstream, it is preferable to SRU
  a minor release rather than cherry-pick selected bug fixes.

   * Libreoffice 5.4.5 fixes CVE-2018-6871

  [Test Case]

   * CVE-2018-6871 should be verified to be fixed

   * No other specific test case, bugs fixed upstream hopefully come
  with unit/regression tests, and the release itself is extensively
  exercised upstream (both in an automated manner and manually) by a
  community of testers. Each minor release usually goes through two
  release candidates, but 5.4.5 was initially unscheduled and it had a
  shortened cycle (only a single RC).

   * The libreoffice packages include autopkgtests, those should be run
  and verified to pass.

   * General smoke testing of all the applications in the office suite
  should be carried out.

  [Regression Potential]

   * A minor release with a total of 69 bug fixes always carries the
  potential for introducing regressions, even though it is a bugfix-only
  release, meaning that no new features were added, and no existing
  features were removed.

   * A combination of autopkgtests and careful smoke testing as
  described above should provide reasonable confidence that no
  regressions sneaked in.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

2018-02-21 Thread Launchpad Bug Tracker

This bug was fixed in the package libreoffice - 1:5.4.5-0ubuntu0.17.10.1

---
libreoffice (1:5.4.5-0ubuntu0.17.10.1) artful; urgency=medium

  * New upstream release (LP: #1748999)
- fixes CVE-2018-6871: Remote arbitrary file disclosure vulnerability via
  WEBSERVICE formula
  * debian/patches/apparmor-senddoc-fixes.patch: apparmor fixes for the
senddoc profile (LP: #1748895)

 -- Olivier Tilloy   Tue, 13 Feb 2018
11:25:01 +0100

** Changed in: libreoffice (Ubuntu)
   Status: Fix Committed => Fix Released

** Changed in: libreoffice-l10n (Ubuntu)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice-l10n in Ubuntu.
https://bugs.launchpad.net/bugs/1748999

Title:
  [SRU] libreoffice 5.4.5 for artful

Status in libreoffice package in Ubuntu:
  Fix Released
Status in libreoffice-l10n package in Ubuntu:
  Fix Released

Bug description:
  [Impact]

   * LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line. 
Version 5.4.4 is currently in artful-proposed.
 For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in 
the RC1:
   https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs

   * Given the nature of the project, the complexity of the codebase and
  the high level of quality assurance upstream, it is preferable to SRU
  a minor release rather than cherry-pick selected bug fixes.

   * Libreoffice 5.4.5 fixes CVE-2018-6871

  [Test Case]

   * CVE-2018-6871 should be verified to be fixed

   * No other specific test case, bugs fixed upstream hopefully come
  with unit/regression tests, and the release itself is extensively
  exercised upstream (both in an automated manner and manually) by a
  community of testers. Each minor release usually goes through two
  release candidates, but 5.4.5 was initially unscheduled and it had a
  shortened cycle (only a single RC).

   * The libreoffice packages include autopkgtests, those should be run
  and verified to pass.

   * General smoke testing of all the applications in the office suite
  should be carried out.

  [Regression Potential]

   * A minor release with a total of 69 bug fixes always carries the
  potential for introducing regressions, even though it is a bugfix-only
  release, meaning that no new features were added, and no existing
  features were removed.

   * A combination of autopkgtests and careful smoke testing as
  described above should provide reasonable confidence that no
  regressions sneaked in.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

2018-02-21 Thread Olivier Tilloy

Yes the CVE affects xenial and trusty, too. Backports of the patch are
being prepared for those, this bug targets 5.4.5 on artful only.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice-l10n in Ubuntu.
https://bugs.launchpad.net/bugs/1748999

Title:
  [SRU] libreoffice 5.4.5 for artful

Status in libreoffice package in Ubuntu:
  Fix Committed
Status in libreoffice-l10n package in Ubuntu:
  Fix Committed

Bug description:
  [Impact]

   * LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line. 
Version 5.4.4 is currently in artful-proposed.
 For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in 
the RC1:
   https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs

   * Given the nature of the project, the complexity of the codebase and
  the high level of quality assurance upstream, it is preferable to SRU
  a minor release rather than cherry-pick selected bug fixes.

   * Libreoffice 5.4.5 fixes CVE-2018-6871

  [Test Case]

   * CVE-2018-6871 should be verified to be fixed

   * No other specific test case, bugs fixed upstream hopefully come
  with unit/regression tests, and the release itself is extensively
  exercised upstream (both in an automated manner and manually) by a
  community of testers. Each minor release usually goes through two
  release candidates, but 5.4.5 was initially unscheduled and it had a
  shortened cycle (only a single RC).

   * The libreoffice packages include autopkgtests, those should be run
  and verified to pass.

   * General smoke testing of all the applications in the office suite
  should be carried out.

  [Regression Potential]

   * A minor release with a total of 69 bug fixes always carries the
  potential for introducing regressions, even though it is a bugfix-only
  release, meaning that no new features were added, and no existing
  features were removed.

   * A combination of autopkgtests and careful smoke testing as
  described above should provide reasonable confidence that no
  regressions sneaked in.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

2018-02-21 Thread Trogel

It seems this also affects Xenial (16.04 LTS); see also the duplicate
bug #1748889. Is there a chance to get this bug also nominated for and
fixed in Xenial? Or should a separate bug report deal with Xenial?

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice-l10n in Ubuntu.
https://bugs.launchpad.net/bugs/1748999

Title:
  [SRU] libreoffice 5.4.5 for artful

Status in libreoffice package in Ubuntu:
  Fix Committed
Status in libreoffice-l10n package in Ubuntu:
  Fix Committed

Bug description:
  [Impact]

   * LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line. 
Version 5.4.4 is currently in artful-proposed.
 For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in 
the RC1:
   https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs

   * Given the nature of the project, the complexity of the codebase and
  the high level of quality assurance upstream, it is preferable to SRU
  a minor release rather than cherry-pick selected bug fixes.

   * Libreoffice 5.4.5 fixes CVE-2018-6871

  [Test Case]

   * CVE-2018-6871 should be verified to be fixed

   * No other specific test case, bugs fixed upstream hopefully come
  with unit/regression tests, and the release itself is extensively
  exercised upstream (both in an automated manner and manually) by a
  community of testers. Each minor release usually goes through two
  release candidates, but 5.4.5 was initially unscheduled and it had a
  shortened cycle (only a single RC).

   * The libreoffice packages include autopkgtests, those should be run
  and verified to pass.

   * General smoke testing of all the applications in the office suite
  should be carried out.

  [Regression Potential]

   * A minor release with a total of 69 bug fixes always carries the
  potential for introducing regressions, even though it is a bugfix-only
  release, meaning that no new features were added, and no existing
  features were removed.

   * A combination of autopkgtests and careful smoke testing as
  described above should provide reasonable confidence that no
  regressions sneaked in.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

2018-02-15 Thread Adolfo Jayme

** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice-l10n in Ubuntu.
https://bugs.launchpad.net/bugs/1748999

Title:
  [SRU] libreoffice 5.4.5 for artful

Status in libreoffice package in Ubuntu:
  Fix Committed
Status in libreoffice-l10n package in Ubuntu:
  Fix Committed

Bug description:
  [Impact]

   * LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line. 
Version 5.4.4 is currently in artful-proposed.
 For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in 
the RC1:
   https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs

   * Given the nature of the project, the complexity of the codebase and
  the high level of quality assurance upstream, it is preferable to SRU
  a minor release rather than cherry-pick selected bug fixes.

   * Libreoffice 5.4.5 fixes CVE-2018-6871

  [Test Case]

   * CVE-2018-6871 should be verified to be fixed

   * No other specific test case, bugs fixed upstream hopefully come
  with unit/regression tests, and the release itself is extensively
  exercised upstream (both in an automated manner and manually) by a
  community of testers. Each minor release usually goes through two
  release candidates, but 5.4.5 was initially unscheduled and it had a
  shortened cycle (only a single RC).

   * The libreoffice packages include autopkgtests, those should be run
  and verified to pass.

   * General smoke testing of all the applications in the office suite
  should be carried out.

  [Regression Potential]

   * A minor release with a total of 69 bug fixes always carries the
  potential for introducing regressions, even though it is a bugfix-only
  release, meaning that no new features were added, and no existing
  features were removed.

   * A combination of autopkgtests and careful smoke testing as
  described above should provide reasonable confidence that no
  regressions sneaked in.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

2018-02-13 Thread Clemens Fuchslocher

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6871

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice-l10n in Ubuntu.
https://bugs.launchpad.net/bugs/1748999

Title:
  [SRU] libreoffice 5.4.5 for artful

Status in libreoffice package in Ubuntu:
  Fix Committed
Status in libreoffice-l10n package in Ubuntu:
  Fix Committed

Bug description:
  [Impact]

   * LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line. 
Version 5.4.4 is currently in artful-proposed.
 For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in 
the RC1:
   https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs

   * Given the nature of the project, the complexity of the codebase and
  the high level of quality assurance upstream, it is preferable to SRU
  a minor release rather than cherry-pick selected bug fixes.

   * Libreoffice 5.4.5 fixes CVE-2018-6871

  [Test Case]

   * CVE-2018-6871 should be verified to be fixed

   * No other specific test case, bugs fixed upstream hopefully come
  with unit/regression tests, and the release itself is extensively
  exercised upstream (both in an automated manner and manually) by a
  community of testers. Each minor release usually goes through two
  release candidates, but 5.4.5 was initially unscheduled and it had a
  shortened cycle (only a single RC).

   * The libreoffice packages include autopkgtests, those should be run
  and verified to pass.

   * General smoke testing of all the applications in the office suite
  should be carried out.

  [Regression Potential]

   * A minor release with a total of 69 bug fixes always carries the
  potential for introducing regressions, even though it is a bugfix-only
  release, meaning that no new features were added, and no existing
  features were removed.

   * A combination of autopkgtests and careful smoke testing as
  described above should provide reasonable confidence that no
  regressions sneaked in.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

2018-02-12 Thread Olivier Tilloy

** Changed in: libreoffice (Ubuntu)
   Status: Confirmed => Fix Committed

** Changed in: libreoffice (Ubuntu)
   Importance: Undecided => High

** Also affects: libreoffice-l10n (Ubuntu)
   Importance: Undecided
   Status: New

** Changed in: libreoffice-l10n (Ubuntu)
   Status: New => Fix Committed

** Changed in: libreoffice-l10n (Ubuntu)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/1748999

Title:
  [SRU] libreoffice 5.4.5 for artful

Status in libreoffice package in Ubuntu:
  Fix Committed
Status in libreoffice-l10n package in Ubuntu:
  Fix Committed

Bug description:
  [Impact]

   * LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line. 
Version 5.4.4 is currently in artful-proposed.
 For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in 
the RC1:
   https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs

   * Given the nature of the project, the complexity of the codebase and
  the high level of quality assurance upstream, it is preferable to SRU
  a minor release rather than cherry-pick selected bug fixes.

   * Libreoffice 5.4.5 fixes CVE-2018-6871

  [Test Case]

   * CVE-2018-6871 should be verified to be fixed

   * No other specific test case, bugs fixed upstream hopefully come
  with unit/regression tests, and the release itself is extensively
  exercised upstream (both in an automated manner and manually) by a
  community of testers. Each minor release usually goes through two
  release candidates, but 5.4.5 was initially unscheduled and it had a
  shortened cycle (only a single RC).

   * The libreoffice packages include autopkgtests, those should be run
  and verified to pass.

   * General smoke testing of all the applications in the office suite
  should be carried out.

  [Regression Potential]

   * A minor release with a total of 69 bug fixes always carries the
  potential for introducing regressions, even though it is a bugfix-only
  release, meaning that no new features were added, and no existing
  features were removed.

   * A combination of autopkgtests and careful smoke testing as
  described above should provide reasonable confidence that no
  regressions sneaked in.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

2018-02-12 Thread Launchpad Bug Tracker

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: libreoffice (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/1748999

Title:
  [SRU] libreoffice 5.4.5 for artful

Status in libreoffice package in Ubuntu:
  Fix Committed
Status in libreoffice-l10n package in Ubuntu:
  Fix Committed

Bug description:
  [Impact]

   * LibreOffice 5.4.5 is the fifth bugfix release of the still 5.4 line. 
Version 5.4.4 is currently in artful-proposed.
 For a list of fixed bugs compared to 5.4.4 see the list of bugs fixed in 
the RC1:
   https://wiki.documentfoundation.org/Releases/5.4.5/RC1#List_of_fixed_bugs

   * Given the nature of the project, the complexity of the codebase and
  the high level of quality assurance upstream, it is preferable to SRU
  a minor release rather than cherry-pick selected bug fixes.

   * Libreoffice 5.4.5 fixes CVE-2018-6871

  [Test Case]

   * CVE-2018-6871 should be verified to be fixed

   * No other specific test case, bugs fixed upstream hopefully come
  with unit/regression tests, and the release itself is extensively
  exercised upstream (both in an automated manner and manually) by a
  community of testers. Each minor release usually goes through two
  release candidates, but 5.4.5 was initially unscheduled and it had a
  shortened cycle (only a single RC).

   * The libreoffice packages include autopkgtests, those should be run
  and verified to pass.

   * General smoke testing of all the applications in the office suite
  should be carried out.

  [Regression Potential]

   * A minor release with a total of 69 bug fixes always carries the
  potential for introducing regressions, even though it is a bugfix-only
  release, meaning that no new features were added, and no existing
  features were removed.

   * A combination of autopkgtests and careful smoke testing as
  described above should provide reasonable confidence that no
  regressions sneaked in.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1748999/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

[Desktop-packages] [Bug 1748999] Re: [SRU] libreoffice 5.4.5 for artful

8 matches

Site Navigation

Mail list logo

Footer information