tl;dr Upgrade to 7.6.7 or 24.2.3
---
CVE-2024-3044: Graphic on-click binding allows unchecked script
execution
Fixed in: LibreOffice 7.6.7/24.2.3
Description:
LibreOffice supports binding scripts to click events on graphics. In
affected versions of LibreOffice there are scenarios where
tl;dr Upgrade to 7.5.9 or 7.6.4
---
CVE-2023-6185: Improper input validation enabling arbitrary Gstreamer
pipeline injection
Fixed in: LibreOffice 7.5.9/7.6.3
Description:
LibreOffice supports embedded videos in file formats via platform
audio/video support. Typically under Linux this is via
tl;dr: upgrade to LibreOffice >= 7.5.7 or >= 7.6.2
LibreOffice typically (unless provided by a Linux distribution)
contains a bundled copy of the 3rd party library, libwebp
CVE-2023-4863 was reported for libwebp < 1.3.2 so correspondingly
libwebp was upgraded to 1.3.2 in the 7.5.7 and 7.6.2
tl;dr: upgrade to LibreOffice >= 7.4.6 or >= 7.5.1
CVE-2023-1183 Arbitrary File Write in hsqldb 1.8.0
Fixed in: LibreOffice 7.4.6/7.5.1
Description:
LibreOffice supports embedded databases in its odb file format. The
most common format is hsqldb. LibreOffice typically contains a copy of
hsqldb
tl;dr: upgrade to LibreOffice >= 7.4.7 or >= 7.5.3
CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing
Fixed in: LibreOffice 7.4.6/7.5.1
Description:
In the affected versions of LibreOffice certain malformed spreadsheet
formulas, such as AGGREGATE, could be created with fewer parameters
tl;dr: upgrade to LibreOffice >= 7.2.6 or >= 7.3.1, (which was already
recommended)
https://www.libreoffice.org/about-us/security/advisories/CVE-2022-38745
CVE-2022-38745: Empty entry in Java class path risks arbitrary code
execution
Fixed in: LibreOffice 7.2.6/7.3.1
Description:
Most
On Sat, 2023-02-11 at 09:32 -0500, Patrick Luby wrote:
> Anyway, I know that preparing the application for this certificate was
> not an easy task, but would TDF be willing to publicly share their
> application (or at least any technical answers) with the community?
FWIW: the ANSSI cert was
tl;dr upgrade LibreOffice 7-2 to 7.2.7,
and/or upgrade LibreOffice 7-3 to 7.3.3
CVE-2022-26305 Execution of Untrusted Macros Due to Improper
Certificate Validation
Due to a poor mechanism for comparing the authors of certificates it
was possible to make a digitally signed document containing
, legal
compliance, GDPR, trademarks”.
The former members of the legal oversight group regarding “contracts,
legal compliance, GDPR, trademarks” shall be replaced by the new
members Caolán McNamara, Emiliano Vavassori and Paolo Vecchi. (All
other oversight groups remain unchanged.)
We hereby
I suggest a little calming pause for a day or two on this list, it has
become somewhat fraught. It would be great to hold off on posting
anything rash and give the part of the board here in Berlin a chance to
get back home and catch up.
--
Caolán McNamara, Member of the Board of Directors
On Wed, 2022-06-08 at 11:44 +0200, Florian Effenberger wrote:
> happy to update the vote template if the board is fine with that.
>
> All board members are on this list, so we can gather some feedback.
Yeah, I'm content to see that information presented by default.
--
Caolán McNamar
areas of
development is appealing, I fear there may exist a general feeling TDF
developers will solve everyone's pet peeves whereas hiring to primarily
do a specific XY sets achievable expectations.
--
Caolán McNamara, Member of the Board of Directors
The Document Foundation, Kurfürstendamm
On Thu, 2022-04-28 at 20:27 +0200, Andreas Mantke wrote:
> it may be good to know why there are the need for two members from
> one ecosystem company? Has no other individual contributors or
> ecosystem system members shown interest to participate in the ESC?
>
> The ESC should represent a wide
with +1/-1/abstain to
+1
--
Caolán McNamara, Member of the Board of Directors
The Document Foundation, Kurfürstendamm 188, 10707 Berlin, DE
Gemeinnützige rechtsfähige Stiftung des bürgerlichen Rechts
Legal details: https://www.documentfoundation.org/imprint
--
To unsubscribe e-mail to: boar
On Wed, 2022-04-06 at 08:15 +0200, Florian Effenberger wrote:
> On behalf of the Board, I therefore call for the following VOTE:
>
> Approval of the preliminary budget for 2022
+1 approve
--
Caolán McNamara, Member of the Board of Directors
The Document Foundation, Kurfürstendamm 1
On Sat, 2022-03-26 at 21:13 +, Caolán McNamara wrote:
> On Fri, 2022-03-25 at 12:21 +0100, Alexander Thurgood wrote:
>
> > - fixing old regressions, e.g. the chart bug in the report builder;
>
> This one I'm unaware of. Is this bug#87012 or another?
tdf#117162 apparen
hat it needs to be excised, but
maybe it's fair to designate it as an area of concern.
--
Caolán McNamara, Member of the Board of Directors
The Document Foundation, Kurfürstendamm 188, 10707 Berlin, DE
Gemeinnützige rechtsfähige Stiftung des bürgerlichen Rechts
Legal details: https
On Thu, 2022-03-24 at 00:20 +0100, Thorsten Behrens wrote:
> Dear directors,
>
> calling for an email VOTE on the below final version of the Attic
> Proposal. The vote runs for 72 hours, starting now.
+1 in favor.
--
Caolán McNamara, Member of the Board of Directors
The Documen
g atticed a project is categorized into small, medium,
large with 1, 3, 6 devs required to de-attic if there is genuine
concern about the proposed bar being too high vs a new from scratch
project.
--
Caolán McNamara, Member of the Board of Directors
The Document Foundation, Kurfürstendamm 188, 107
our
> Rules of Procedure [2] - such that we reference version 1.3.2 of the
> CoI policy:
+1. Yes.
--
Caolán McNamara, Member of the Board of Directors
The Document Foundation, Kurfürstendamm 188, 10707 Berlin, DE
Gemeinnützige rechtsfähige Stiftung des bürgerlichen Rechts
Le
I, Caolán McNamara, elected member of the Board of Directors of The
Document Foundation, hereby and until further notice, nominate the
following deputies to represent me during board calls and meetings, in
the order set forth below:
1. Gábor Kelemen
2. Gabriel Masei
3. Ayhan Yalçınsoy
>
> Life can be so complicated at times ;)
>
> I do not see a reason not to support the small improvements that are
> in.
I don't have concerns about the specific changes, which substantively
looks like +1/-3 words. The document reads very draconian to me but
that's not the
tl;dr upgrade LibreOffice 7-2 to 7.2.5
(or libreoffice 7.3.0)
LibreOffice supports digital signatures of ODF documents and macros
within documents, presenting visual aids that no alteration of the
document occurred since the last signing and that the signature is
valid.
The Network and Data
On Tue, 2022-02-15 at 12:47 +0100, Paolo Vecchi wrote:
> Hi Caolán,
>
> thanks for your feedback.
>
> On 14/02/2022 21:49, Caolán McNamara wrote:
> > I think at least some of the push back is less against the concept
> > that TDF should hire developers and mo
On Mon, 2022-02-14 at 18:12 +0100, Paolo Vecchi wrote:
> Hi Kendy,
>
> On 14/02/2022 16:42, Jan Holesovsky wrote:
>
>
> >
> > In my world [regardless of the hat], a constructive debate is much
> > easier over a document collecting:
> >
> > * the problem statement & the need
> > * the pros &
On Fri, 2022-01-07 at 00:10 +0100, Marina Latini wrote:
> Dear Caolán McNamara,
>
> let me first take this opportunity to personally congratulate you for
> having been elected as member of the board. Then I kindly invite you
> to officially accept your position in the boa
tl;dr: upgrade to 7.1.8 or 7.2.4
The install sets of LibreOffice as provided by TDF include a bundled
copy of Mozilla's NSS library. Before 7.1.8/7.2.4 the bundled NSS is
affected by:
CVE-2021-43527 Memory corruption via DER-encoded DSA and RSA-PSS
signatures
On Sat, 2021-11-27 at 12:19 +0100, Marina Latini wrote:
> 1. Do you commit yourself to have enough time and the necessary
> technological tools in order to participate to the regularly scheduled
> board calls?
Sure.
> 2. Do you commit yourself to follow up and work on (at least) the main
>
Dear Members,
I would like to stand for elections to the Board of Directors of The
Document Foundation.
I'm Caolán McNamara, full time developer on LibreOffice and member of
the ESC. I'm employed as a Principal Engineer by Red Hat as part of the
Desktop Team and have been involved
tl;dr upgrade LibreOffice 7-0 to 7.0.6, LibreOffice 7-1 to 7.1.2
(or libreoffice 7.2.0)
LibreOffice supports digital signatures of ODF documents and macros
within documents, presenting visual aids that no alteration of the
document occurred since the last signing and that the signature is
tl;dr: macOS users should upgrade to 7.0.6 or 7.1.3
CVE-2021-25632: fileloc extension added to macOS executable denylist
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25632
On Fri, 2021-04-16 at 12:04 +0200, William Gathoye (LibreOffice) wrote:
> On 15/04/2021 21:55, Caolán McNamara wrote:
> > [...]
> > In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the
> > 7-
> > 0 series in versions prior to 7.0.5
> > [...]
>
tl;dr: Windows users should upgrade to 7.0.5 or 7.1.2
LibreOffice has a feature where hyperlinks in a document can be
activated by CTRL+click. Under Windows the link can be passed to the
system ShellExecute function for handling. LibreOffice contains a
denylist of extensions that it blocks from
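Added example (my own code, not LibreOffice's): the two advisories above, the Windows ShellExecute one and the macOS one that adds "fileloc", both turn on what extension the activated target really has. The denylist and allowlist below are constructed for illustration; the product's own lists differ. The point the code makes is that the extension has to be taken from the path ShellExecute will open (after percent-decoding, with query and fragment dropped, with a drive-letter path not misread as a URL scheme, and with trailing dots and spaces removed, which Win32 ignores), and that a denylist is only as good as its last entry, so an allowlist is shown beside it.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Constructed denylist for illustration; the product's real list is longer
# and platform-specific. "fileloc" is included because the macOS advisory
# above says it was added there.
DENYLIST = frozenset({
    "exe", "com", "bat", "cmd", "scr", "pif", "vbs", "js", "jse", "wsf",
    "ps1", "msi", "fileloc",
})

# Allowlist alternative: the few things a document hyperlink has any
# business handing to the shell. Also constructed for the example.
ALLOWLIST = frozenset({"html", "htm", "pdf", "odt", "ods", "odp", "txt",
                       "png", "jpg"})


def target_extension(target: str) -> str:
    """Extension of the thing ShellExecute would actually open, lower-cased.

    Handles URLs (query/fragment dropped, percent-decoding applied),
    Windows drive paths (urlsplit would otherwise report scheme "c"), and
    the Win32 habit of ignoring trailing dots and spaces in file names.
    """
    parts = urlsplit(target)
    if parts.scheme and len(parts.scheme) > 1:
        path = unquote(parts.path)
    else:
        path = target  # drive-letter path or bare relative name
    path = path.replace("\\", "/").rstrip(". ")
    name = posixpath.basename(path)
    _, dot, ext = name.rpartition(".")
    return ext.lower() if dot else ""


def is_blocked_target(target: str) -> bool:
    """Denylist check: True means refuse to hand the target to the shell."""
    return target_extension(target) in DENYLIST


def is_allowed_target(target: str) -> bool:
    """Allowlist check: True only for extensions explicitly permitted."""
    return target_extension(target) in ALLOWLIST
```

A target such as https://example.com/doc.pdf?x=evil.exe is a PDF, not an executable, because the query string is not part of the file name; conversely file:///tmp/evil%2Eexe and C:\tmp\evil.EXE. both resolve to an .exe and must be caught. An extension nobody thought to add (payload.unknown) passes the denylist and fails the allowlist, which is the argument for the latter.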
CVE-2020-12802 remote graphics contained in docx format retrieved in
'stealth mode'
If you are using the (off by default) setting to only allow documents
in "trusted location" to download remote resources then 6.4.4 fixes a
case in the .docx import path where that protection didn't apply.
CVE-2020-12801 Crash-recovered MSOffice encrypted documents defaulted
to not to using encryption on next save
If LibreOffice has an encrypted document open and crashes, that
document is auto-saved encrypted. On restart, LibreOffice offers to
restore the document and prompts for the password to
tl;dr: Ensure you are upgraded to at least 6.2.7 and 6.3.1
CVE-2019-9853: Insufficient URL decoding flaw in categorizing macro
location
LibreOffice documents can contain macros. The execution of those macros
is controlled by the document security settings, typically execution of
macros are
tl;dr: Upgrade to 6.2.7 or 6.3.1
CVE-2019-9854 Unsafe URL assembly flaw in allowed script location check
Protection was added to address CVE-2019-9852, to avoid a directory
traversal attack where scripts in arbitrary locations on the file
system could be executed by employing a URL encoding
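Added example (my own code, not LibreOffice's) covering the three script-location advisories above: CVE-2018-16858 (traversal out of the pre-installed script directory), CVE-2019-9853 (classifying the location before URL decoding) and CVE-2019-9854 (assembling the URL unsafely for the check). The directory layout, the SHARE_ROOT path and the plain-path form of the script reference are assumptions made for the example; the real product uses its own script URL syntax. The contrast is between a prefix test on the raw string and a check that decodes, normalises and then tests containment on the path the loader would actually open.

```python
import posixpath
from urllib.parse import unquote

# Constructed root for pre-installed ("share") scripts; a real install has
# its own layout. Example code, not the project's.
SHARE_ROOT = "/opt/office/share/Scripts/python"


def naive_is_share_script(raw: str) -> bool:
    """String-prefix check on the raw, undecoded script path. This is the
    shape of check that percent-encoded traversal sequences slip past."""
    return raw.startswith(SHARE_ROOT + "/")


def resolve_share_script(raw: str):
    """Percent-decode, normalise, then test containment.

    Returns the resolved absolute path if it really lies under SHARE_ROOT,
    otherwise None. Decoding happens before the comparison, so the path
    that is checked is the one the loader would actually open.
    """
    decoded = unquote(raw)
    if "\x00" in decoded:
        return None  # embedded NUL: never let it reach a C path API
    norm = posixpath.normpath(decoded)
    if not norm.startswith("/"):
        return None
    try:
        # commonpath, not startswith: ".../pythonX/evil.py" shares the
        # string prefix with SHARE_ROOT but is not inside it.
        if posixpath.commonpath([SHARE_ROOT, norm]) != SHARE_ROOT:
            return None
    except ValueError:
        return None
    if norm == SHARE_ROOT:
        return None  # the directory itself is not a script
    return norm
```

On a real file system you would additionally resolve symlinks (os.path.realpath) before the containment test, since a link inside the share tree can point anywhere; that is left out here so the example runs without touching the disk.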
On Thu, 2019-08-15 at 21:28 +0200, Jean-Baptiste Faure wrote:
> Le 15/08/2019 à 12:52, Caolán McNamara a écrit :
> > tl;dr; Upgrade to >= 6.2.6 or >= 6.0.0.
>
> I guess you mean ... or >= 6.3.0
Yes, indeed, oops, 6.3.0. Advisory texts are correct, email here was
not.
-
tl;dr; Upgrade to >= 6.2.6 or >= 6.0.0.
There is a cluster of issues here.
CVE-2019-9850 Insufficient url validation allowing LibreLogo script
execution
There was a way to encode the script url that could bypass the fix of
CVE-2019-9848
On Fri, 2019-08-09 at 21:38 -0700, Derek Currie wrote:
> A further patch was supposed to be applied in version
> 6.3.4 this week.
> And yet there is no record in the release notes of that patch.
> Instead, there is an incorrect listing that CVE-2019-9848 was patched
> in v6.2.5.2, which has been
tl;dr: Upgrade to 6.2.5
CVE-2019-9848: LibreLogo arbitrary script execution
Prior to 6.2.5 it is possible to construct malicious documents which
can execute arbitrary python silently if the LibreLogo script is
installed. LibreLogo is installed by default in the binary builds of
LibreOffice
tl;dr: Upgrade to 6.1.6 or 6.2.3
CVE-2019-9847 Executable hyperlink targets executed unconditionally on
activation
Before 6.1.6/6.2.3 under Windows and macOS when processing a hyperlink
target explicitly activated by the user, as in you explicitly click on
a hyperlink in some LibreOffice
CVE-2018-16858: Directory traversal flaw in script execution
tl;dr: Fixed in 6.0.7 and 6.1.3
LibreOffice has a feature where documents can specify that pre-
installed macros can be executed on various document events such as
mouse-over, etc.
Prior to 6.0.7/6.1.3 LibreOffice was vulnerable to a
A CVE, CVE-2018-14939, was logged about a buffer overrun in our realpath
usage in function get_app_path. We contend there is no bug in
LibreOffice and no action is required
https://www.libreoffice.org/about-us/security/advisories/CVE-2018-14939
CVE-2018-10583 was assigned for Information disclosure via SMB link
embedded in ODF document
A LibreOffice document with a linked image, which is on a samba share,
will cause LibreOffice to automatically initiate a samba connection to
retrieve the image. This is analogous to how opening HTML
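Added example (my own code, not LibreOffice's) for the SMB-link disclosure above and for the earlier note on remote graphics fetched by the .docx import path (CVE-2020-12802): a scanner that lists every xlink:href in an ODF content.xml and separates links the application resolves on load (images, embedded objects) from ordinary hyperlinks that need a click. The sample content.xml is constructed for the example; the element set treated as auto-loaded is my assumption, and only the ODF namespaces and the xlink attribute are taken from the format.

```python
import xml.etree.ElementTree as ET
import zipfile
from typing import Dict, List
from urllib.parse import urlsplit

XLINK_HREF = "{http://www.w3.org/1999/xlink}href"

# Elements whose xlink:href is resolved when the document loads, without a
# click (assumption for this example). text:a is left out: it needs the user.
AUTO_LOADED = frozenset({"image", "object", "object-ole", "plugin",
                         "section-source"})

# Constructed content.xml (not taken from any real document): one embedded
# picture, one smb:// picture, one UNC picture and one ordinary hyperlink.
SAMPLE_CONTENT_XML = r"""<?xml version="1.0" encoding="UTF-8"?>
<office:document-content
  xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0"
  xmlns:draw="urn:oasis:names:tc:opendocument:xmlns:drawing:1.0"
  xmlns:text="urn:oasis:names:tc:opendocument:xmlns:text:1.0"
  xmlns:xlink="http://www.w3.org/1999/xlink">
 <office:body><office:text>
  <text:p><draw:frame><draw:image xlink:href="Pictures/1000.png"/></draw:frame></text:p>
  <text:p><draw:frame><draw:image xlink:href="smb://fs.example/share/logo.png"/></draw:frame></text:p>
  <text:p><draw:frame><draw:image xlink:href="\\fs.example\share\logo.png"/></draw:frame></text:p>
  <text:p><text:a xlink:href="https://example.com/">site</text:a></text:p>
 </office:text></office:body>
</office:document-content>
"""


def classify_href(href: str) -> str:
    """'package' (inside the zip), 'local-file', or 'remote'."""
    if href.startswith("\\\\") or href.startswith("//"):
        return "remote"  # UNC path: resolved over SMB on Windows
    scheme = urlsplit(href).scheme.lower()
    if scheme == "":
        return "package"       # relative reference into the zip container
    if len(scheme) == 1 or scheme == "file":
        return "local-file"    # drive letter ("c:") or file: URL
    return "remote"


def scan_content_xml(xml_data) -> List[Dict[str, object]]:
    """List every xlink:href in an ODF content.xml with its classification.

    For hostile input prefer defusedxml: the stdlib parser does not fetch
    external entities but is still exposed to entity-expansion blowups.
    """
    if isinstance(xml_data, str):
        xml_data = xml_data.encode("utf-8")
    root = ET.fromstring(xml_data)
    findings = []
    for elem in root.iter():
        href = elem.get(XLINK_HREF)
        if href is None:
            continue
        local = elem.tag.rsplit("}", 1)[-1]  # strip the namespace
        findings.append({
            "element": local,
            "href": href,
            "kind": classify_href(href),
            "auto_loaded": local in AUTO_LOADED,
        })
    return findings


def auto_loaded_remote(findings) -> List[Dict[str, object]]:
    """Links that trigger a network connection just by opening the file."""
    return [f for f in findings if f["auto_loaded"] and f["kind"] == "remote"]


def scan_odf(path: str) -> List[Dict[str, object]]:
    """Convenience wrapper: read content.xml out of an .odt/.ods/.odp zip."""
    with zipfile.ZipFile(path) as zf:
        return scan_content_xml(zf.read("content.xml"))
```

Run over the sample, the two smb/UNC images are reported as auto-loaded remote references (the ones that make the client authenticate to a file server the moment the document opens) while the https hyperlink is listed but not flagged. The same walk applies to styles.xml and, with the OOXML relationship namespaces instead, to .docx files.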
TL;DR; Upgrade to >= 5.4.6 or >= 6.0.2
https://www.libreoffice.org/about-us/security/advisories/CVE-2018-10119
CVE-2018-10119 Use After Free in Structured Storage parser
Fixed in LibreOffice 5.4.5/6.0.1
LibreOffice before 5.4.5 and 6.x before 6.0.1 have a flaw in an edge
case in processing the
tl/dr: upgrade to 5.4.5/6.0.1
CVE-2018-1055: Remote arbitrary file disclosure vulnerability via
WEBSERVICE formula
LibreOffice Calc supports a WEBSERVICE function to obtain data by URL.
Vulnerable versions of LibreOffice allow WEBSERVICE to take a local
file URL (e.g file://) which can be used
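Added example (my own code, not LibreOffice's) for the WEBSERVICE advisory above: a URL gate for a "fetch data by URL" function that refuses anything but http(s) with a host, next to the kind of prefix test that lets file:// through under a different spelling. ALLOWED_SCHEMES and the helper names are assumptions for the example. The loopback/private-address refusal at the end goes beyond the advisory: a spreadsheet function that fetches arbitrary web URLs is also a request primitive against whatever the machine can reach.

```python
import ipaddress
from typing import Tuple
from urllib.parse import urlsplit

# Hypothetical scheme allowlist for a WEBSERVICE-style function.
# Constructed for this example; not LibreOffice's own code.
ALLOWED_SCHEMES = frozenset({"http", "https"})


def naive_is_local_file(url: str) -> bool:
    """A prefix test is the kind of check that lets local URLs through:
    it misses "FILE://", "file:/etc/passwd" and bare paths."""
    return url.startswith("file://")


def check_webservice_url(url: str) -> Tuple[bool, str]:
    """Decide whether a WEBSERVICE-style function may fetch `url`.

    Returns (allowed, reason). Parses the URL, lower-cases the scheme,
    and refuses anything that is not an http(s) URL with a host.
    """
    if not isinstance(url, str) or len(url) > 2048:
        return False, "not a string or too long"
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    if not scheme:
        # "/etc/passwd" parses with an empty scheme; a fetcher that falls
        # back to the local file system for such input discloses files.
        return False, "missing scheme"
    if scheme not in ALLOWED_SCHEMES:
        return False, "scheme %r not allowed" % scheme
    host = parts.hostname
    if not host:
        return False, "no host"
    # Beyond the advisory: refuse literal loopback/private/link-local
    # addresses so the formula cannot be pointed at internal services.
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None  # a DNS name; it resolves later, outside this check
    if addr is not None and (addr.is_loopback or addr.is_private
                             or addr.is_link_local):
        return False, "address %s is not routable" % host
    return True, "ok"
```

Note that the DNS case is not closed here: a name that resolves to 127.0.0.1 still passes, so a fetcher that cares has to check the resolved address at connect time as well.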
CVE-2017-8358 was filed for a heap buffer overflow in the JPG reader.
For the sake of clarity this specific bug was present from the 15th of
March 2017 to the 17th of March 2017 and was never included in any
release.
tl;dr: All users are recommended to upgrade to LibreOffice >= 5.2.5 or
>= 5.3.0.
Recently 4 CVEs were filed for LibreOffice, namely...
CVE-2016-10327 Heap-buffer-overflow in EMF filter
CVE-2017-7856 Heap-buffer-overflow in WMF filter
CVE-2017-7882 Heap-buffer-overflow in HWP filter
Fixed in LibreOffice 5.1.6/5.2.2/5.3.0
---
CVE-2017-3157 Arbitrary file disclosure in Calc and Writer
http://www.libreoffice.org/about-us/security/advisories/CVE-2017-3157
Embedded Objects in writer and calc can contain previews of their
content. A document can be crafted which contains an
Parsing the Rich Text Format character style index was insufficiently
checked for validity. Documents can be constructed which dereference an
iterator to the first entry of an empty STL container.
All users are recommended to upgrade to LibreOffice >= 5.1.4
Thanks to the researchers working with
We had a set of lwp filter parsing issues.
CVE-2016-0795 LotusWordPro Bounds overflows in LwpTocSuperLayout
processing
This is fixed in 5.0.5 and 5.1.0
CVE-2016-0794 LotusWordPro Multiple bounds overflows in lwp filter
There was a bunch more which got fixed earlier in 5.0.4 and 5.1.0
Thanks
On Sun, 2015-11-08 at 23:23 +0100, Rene Engelhard wrote:
> I did some research today based on the commit messages - and when I
> am not mistaken
> most of them are fixed in 5.0.0 but CVE-2015-5214 is fixed only in
> 5.0.1.
> (But still long before 5.0.3)
Yeah, rene's right. 5.0.1 is the oldest
Bottom Line: ensure you are upgraded to at least 4.4.6 or 5.0.0
Fixed in LibreOffice 4.4.6/5.0.0
CVE-2015-5214 DOC Bookmark Status Memory Corruption
http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
Fixed in LibreOffice 4.4.5/5.0.0
CVE-2015-4551 Arbitrary file disclosure
On Sun, 2014-07-13 at 17:19 +0200, penttila wrote:
Hi, A new Hunspell version (1.3.3) is out since 2014 Jun 2, after more
than three years of development containing several bug fixes.
(http://hunspell.sourceforge.net) Will this new version be included in
the upcoming LibreOffice 4.3?
I can
A bit slow announcing this one personally, though its been out on the
wires for distributions and other sources for a few weeks now.
LibreOffice 4.2.5 fixes a bug that crept into 4.1.4 onwards where the
vba macros in Microsoft Office documents loaded into LibreOffice would
effectively ignore the
A bit slow announcing this one, the bundled python in 4.1.4 and earlier
has some various potential security flaws which are fixed in a later
version of python. So we now bundle that later version of python since
4.1.5. It's recommended to use that version of LibreOffice (unless you
get your
Apache OpenOffice has announced the details of CVE-2013-2189 and
CVE-2013-4156 as they affect Apache OpenOffice, i.e.
CVE-2013-2189: OpenOffice DOC Memory Corruption Vulnerability
http://permalink.gmane.org/gmane.comp.apache.maven.announce/1503
CVE-2013-4156: OpenOffice DOCM
On Mon, 2013-06-10 at 18:15 +0200, Florian Effenberger wrote:
I hereby ask the board to
1. vote on hiring Christian Lohmaier, for a limited period of one year,
part-time with 20 hours per week, specifically for web development, at
costs not exceeding 25.000 € per year,
On Fri, 2013-03-01 at 14:44 +0100, Thorsten Behrens wrote:
I'd like the board to approve an extra € 1,000.00 for travel bursaries,
only to be used when host budget has run dry.
+1, bring us back a new impress hacker.
C.
On Thu, 2013-02-14 at 10:28 +0100, Florian Effenberger wrote:
Hello,
based on the recent discussions, I'd ask the board to vote on:
1. Having a budget of 2.500 € in total for Italo's trips to POSSCON,
LibrePlanet and FOSSC Oman,
2. thereby revoking decision # 20121220-01 [1]
ok, +1
On Mon, 2013-01-28 at 12:43 +0100, Florian Effenberger wrote:
Hello,
I'd like to ask the board to approve an additional 600 € for collaterals.
+1
C.
Maybe we should have a money available bot that adds a sig with that
amount to budget request emails :-)
On Sat, 2012-12-15 at 01:57 +0100, Thorsten Behrens wrote:
Dear board,
we had hired counsel to come up with a suitable work contract to hire
Florian. This has concluded, and the aforementioned fees are due,
please approve the not-yet-budgeted amount.
+1
C.
CVE-2012-4233: Multiple file format denial of service vulnerabilities
Fixed in: LibreOffice 3.5.7/3.6.1
Thanks to High-Tech Bridge for reporting these flaws. Users are
recommended to upgrade to 3.5.7 or 3.6.1 to avoid these flaws
These are fairly mild denial of service (libreoffice just crashes
https://www.libreoffice.org/advisories/
CVE-2012-2665 Multiple heap-based buffer overflows in the XML manifest
encryption handling code
Multiple heap-based buffer overflow flaws were found in the XML
manifest encryption tag parsing code of LibreOffice. An attacker could
create a
On Mon, 2012-06-25 at 13:49 +0200, Florian Effenberger wrote:
+1 from my side, but we need some more votes to reach a quorum
Florian Effenberger wrote on 2012-06-20 15:37:
Would the board be willing to approve up to, let's say, 200 € expenses
for that?
sure sure, +1
C.
https://www.libreoffice.org/advisories/
CVE-2012-1149 Integer overflows in graphic object loading
An integer overflow vulnerability in LibreOffice graphic loading code
could allow a remote attacker to cause a denial of service (application
crash) or potentially execute arbitrary code on
On Wed, 2012-05-16 at 12:29 -0700, NoOp wrote:
Any idea if 3.5.3 also addresses this one that also came out today?
http://www.openoffice.org/security/cves/CVE-2012-2149.html
This is actually libwpd, which gets bundled into non-distro builds.
The advisory relates to a very old version of libwpd
On Tue, 2011-12-13 at 15:44 -0800, gptscorp wrote:
Hello,
I have followed the instructions on
http://www.libreoffice.org/get-involved/developers/ several times and get
all types of quirky messages, and no matter what I do the build do succeed.
What am I doing wrong? In help/suggestions
On Sat, 2011-10-08 at 17:11 +0300, David Nelson wrote:
I would like to ask whether you would be willing to make a commitment
for a term of office on the BoD.
Sure.
I am certain that you will assure us that you support openness of the
source code of LibreOffice.
Sure, apple pie and
as a fulltime developer on the project and as a
representative of a growing number of LibreOffice developers at Red Hat,
I believe I can help provide a helpful balance of interests in the
board.
Full Name email: Caolán McNamara caol...@redhat.com
Corporate Affiliation: Red Hat, Inc.
C
On Tue, 2011-09-13 at 22:09 -0500, J.B. Nicholson-Owens wrote:
Caolán McNamara wrote:
We don't have a lot of these documents for testing. Two actually :-),
If one wanted to learn about the format of Lotus Wordpro files, where
would one go to get specification information?
Not sure really
On Wed, 2011-09-14 at 16:23 +0200, Carlo Strata wrote:
If there is a code that we can point to (and that we'll have to get to
improve quality and interoperability) this is surely that of all Lotus
native read/write filters!!! Of course! :-) ;-)
The irony is that AOOo doesn't actually have a
On Wed, 2011-08-31 at 11:06 -0400, subs wrote:
On 8/31/2011 10:54 AM, Caolán McNamara wrote:
We don't have a lot of these documents for testing. Two actually :-),
Sent this early.
http://cgit.freedesktop.org/libreoffice/core/plain/lotuswordpro/qa/cppunit/data/pass/A14.lwp
http
On Mon, 2011-08-29 at 12:55 -0400, Terrence Enger wrote:
On Mon, 2011-08-29 at 09:00 +0100, Caolán McNamara wrote:
On Sun, 2011-08-28 at 07:34 -0400, Terrence Enger wrote:
The remaining questions are ... Does anybody else share the
problem of the ineffective MacroSecurity... button
On Wed, 2011-08-31 at 08:23 -0400, libo wrote:
Is anyone able to open Lotus Wordpro files in any Version 3.4?
3.4.2 would generate an i/o error and 3.4.3 gives me a blank file.
We don't have a lot of these documents for testing. Two actually :-),
On Wed, 2011-08-31 at 15:51 +0100, Caolán McNamara wrote:
On Wed, 2011-08-31 at 08:23 -0400, libo wrote:
Is anyone able to open Lotus Wordpro files in any Version 3.4?
3.4.2 would generate an i/o error and 3.4.3 gives me a blank file.
We don't have a lot of these documents for testing. Two
On Sun, 2011-08-28 at 07:34 -0400, Terrence Enger wrote:
The remaining questions are ... Does anybody else share the
problem of the ineffective MacroSecurity... button?
No, works fine here.
Does anybody care?
Sure, but it works for me.
C.
On Sun, 2011-08-28 at 08:29 -0400, Terrence Enger wrote:
Hello, all.
Now that my system holds more than one build from master, my
small mind is even more subject to confusion than it used to
be. So, I wonder ...
(*) Is there an easy way to display the build id of
soffice.bin to the
On Wed, 2011-06-22 at 14:18 +0200, Fernand Vanrie wrote:
So please can someone make this small change in the API
You *might* get some change out of the com.sun.star.mail.MailMessage
service which implements XMailMessage which has a (horribly-complex)
route to set the body of the email.
81 matches