** Description changed: CVE-2026-4430: "Heap Buffer Overflow in AgileEngine" Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. https://git.libreoffice.org/core/+/1ec3db717fa144ddff3e9b0a2338a82355cf365b%5E%21/ https://gerrit.libreoffice.org/c/core/+/201874 https://ubuntu.com/security/CVE-2026-4430 https://security-tracker.debian.org/tracker/CVE-2026-4430 - * Resolute 26.04: Fix is included in 26.2.3 SRU - https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2150525 - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/resolute-26.2 + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18396132/+listing-archive-extra * Questing 25.10: Fix is included in 25.8.7 SRU - https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2150734 - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/questing-25.8 + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18396132/+listing-archive-extra * Noble 24.04: Backport of patch to 24.2.7 required - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/noble-24.2 + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397117/+listing-archive-extra * Jammy 22.04: Backport of patch to 7.3.7 required - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/jammy-7.3 + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397116/+listing-archive-extra * Focal 20.04: Backport of patch to 6.4.7 required - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/focal-6.4 + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397438/+listing-archive-extra
** Description changed: CVE-2026-4430: "Heap Buffer Overflow in AgileEngine" Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. https://git.libreoffice.org/core/+/1ec3db717fa144ddff3e9b0a2338a82355cf365b%5E%21/ https://gerrit.libreoffice.org/c/core/+/201874 https://ubuntu.com/security/CVE-2026-4430 https://security-tracker.debian.org/tracker/CVE-2026-4430 * Resolute 26.04: Fix is included in 26.2.3 SRU - https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2150525 - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/resolute-26.2 - - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18396132/+listing-archive-extra + - https://launchpad.net/~libreoffice/+archive/ubuntu/libreoffice-prereleases/+sourcepub/18376470/+listing-archive-extra * Questing 25.10: Fix is included in 25.8.7 SRU - https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2150734 - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/questing-25.8 - - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18396132/+listing-archive-extra + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18396132/+listing-archive-extra * Noble 24.04: Backport of patch to 24.2.7 required - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/noble-24.2 - - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397117/+listing-archive-extra + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397117/+listing-archive-extra * Jammy 22.04: Backport of patch to 7.3.7 required - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/jammy-7.3 - - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397116/+listing-archive-extra + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397116/+listing-archive-extra * Focal 20.04: Backport of patch to 6.4.7 required - https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/focal-6.4 - - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397438/+listing-archive-extra + - https://launchpad.net/~ricotz/+archive/ubuntu/ppa/+sourcepub/18397438/+listing-archive-extra -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2152251 Title: CVE-2026-4430 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2152251/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
