Package "libreofficekit-dev"
| Name: |
libreofficekit-dev
|
Description: |
LibreOfficeKit -- headers
|
| Latest version: |
1:7.3.7-0ubuntu0.22.04.12 |
| Release: |
jammy (22.04) |
| Level: |
security |
| Repository: |
main |
| Head package: |
libreoffice |
| Homepage: |
http://www.libreoffice.org |
Links
Download "libreofficekit-dev"
Other versions of "libreofficekit-dev" in Jammy
Changelog
|
libreoffice (1:7.3.7-0ubuntu0.22.04.12) jammy-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow in DXF polyline import
- debian/patches/CVE-2026-6039.patch: stay within max Polygon points
- CVE-2026-6039
* SECURITY UPDATE: Heap buffer overflow in EMF+ gradient brush import
- debian/patches/CVE-2026-6045-0.patch: EMF+ Use variable types according to
EMFPLUS documentation
- debian/patches/CVE-2026-6045-1.patch: check that the file can provide the
claimed data
- debian/patches/CVE-2026-6045-2.patch: tidy up emfppath.cxx edge cases
- debian/patches/CVE-2026-6045-3.patch: check that the file can provide the
claimed data
- CVE-2026-6045
* SECURITY UPDATE: Stack buffer overflow in PPT presentation import
- debian/patches/CVE-2026-8356.patch: SdrEscherImport::RecolorGraphic
reads but doesn't use FillColors
- CVE-2026-8356
* SECURITY UPDATE: Heap buffer overflow in Calc formula compilation
- debian/patches/CVE-2026-8357.patch: A formula of length L, composed
entirely of open tokens, needs L+1 slots
- CVE-2026-8357
* SECURITY UPDATE: Heap buffer overflow in spreadsheet tracked-changes import
- debian/patches/CVE-2026-8358.patch: drop malformed duplicate-id calc
change track actions
- CVE-2026-8358
-- Rico Tzschichholz <email address hidden> Sun, 28 Jun 2026 12:36:00 +0200
|
| Source diff to previous version |
| CVE-2026-6039 |
LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count |
| CVE-2026-6045 |
LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The n |
| CVE-2026-8356 |
LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two |
| CVE-2026-8357 |
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many |
| CVE-2026-8358 |
LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identi |
|
|
libreoffice (1:7.3.7-0ubuntu0.22.04.11) jammy-security; urgency=medium
* SECURITY UPDATE: Heap Buffer Overflow in AgileEngine
- debian/patches/CVE-2026-4430.patch: Conform AlignEngine parsing to
what section 2.3.4.10 of the spec has
- CVE-2026-4430
-- Rico Tzschichholz <email address hidden> Wed, 13 May 2026 09:44:03 +0200
|
| Source diff to previous version |
| CVE-2026-4430 |
Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. Thi |
|
|
libreoffice (1:7.3.7-0ubuntu0.22.04.10) jammy-security; urgency=medium
* SECURITY UPDATE: PDF signature forgery with adbe.pkcs7.sha1 SubFilter
- debian/patches/CVE-2025-2866.patch: Improve adbe.pkcs7.sha1 signature
verification
- CVE-2025-2866
-- Rico Tzschichholz <email address hidden> Mon, 05 May 2025 17:20:55 +0200
|
| Source diff to previous version |
| CVE-2025-2866 |
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affect |
|
|
libreoffice (1:7.3.7-0ubuntu0.22.04.9) jammy-security; urgency=medium
* SECURITY UPDATE: Macro URL arbitrary script execution
- debian/patches/CVE-2025-1080.patch: Filter out more unwanted command
URIs
- CVE-2025-1080
-- Rico Tzschichholz <email address hidden> Thu, 06 Mar 2025 08:58:09 +0100
|
| Source diff to previous version |
| CVE-2025-1080 |
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice |
|
|
libreoffice (1:7.3.7-0ubuntu0.22.04.8) jammy-security; urgency=medium
* SECURITY UPDATE: Path traversal leading to arbitrary .ttf file write
- debian/patches/CVE-2024-12425.patch: be conservative on allowed temp
font names
- CVE-2024-12425
* SECURITY UPDATE: URL fetching can be used to exfiltrate arbitrary INI
file values and environment variables
- debian/patches/CVE-2024-12426-1.patch: consider VndSunStarExpand an
exotic protocol
- debian/patches/CVE-2024-12426-2.patch: look at 'embedded' protocols too
- CVE-2024-12426
- debian/patches/CVE-2024-12426-3.patch: Fix check for further exotic
protocols
-- Rico Tzschichholz <email address hidden> Thu, 23 Jan 2025 14:54:13 +0100
|
| CVE-2024-12425 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute P |
| CVE-2024-12426 |
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. |
|
About
-
Send Feedback to @ubuntu_updates