libreoffice (1:5.1.6~rc2-0ubuntu1~xenial6) xenial-security; urgency=medium
* SECURITY UPDATE: incorrect integer data type in StgSmallStrm class
- debian/patches/CVE-2018-10119.patch: use short->sal_Int32 like in
StgDataStrm in sot/source/sdstor/stgstrms.cxx.
- CVE-2018-10119
* SECURITY UPDATE: heap-based buffer overflow in SwCTBWrapper::Read
- debian/patches/CVE-2018-10120.patch: check index before use in
sw/source/filter/ww8/ww8toolbar.cxx.
- CVE-2018-10120
* SECURITY UPDATE: information disclosure vulnerability via SMB link
- debian/patches/CVE-2018-10583.patch: set Referer on link
mediadescriptor in sw/source/filter/xml/xmltexti.cxx.
- CVE-2018-10583
* SECURITY UPDATE: Directory traversal flaw in script execution
- debian/patches/CVE-2018-16858.patch: keep pyuno script processing
below base uri in scripting/source/pyprov/pythonscript.py.
- CVE-2018-16858
libreoffice (1:5.1.6~rc2-0ubuntu1~xenial4) xenial; urgency=medium
* debian/libreoffice-mysql-connector.triggers.in,
debian/libreoffice-wiki-publisher.triggers.in:
- removed, file path triggers do not need to be activated explicitly
* debian/libreoffice-common.triggers.in: switch to -noawait trigger
(LP: #1780996)
Date: 2019-02-04 19:08:11.946093+00:00
Changed-By: Marc Deslauriers <[email protected]>
https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial6
Sorry, changesfile not available.
--
Xenial-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
