UbuntuUpdates.org

Package "libreoffice-style-hicontrast"

Name: libreoffice-style-hicontrast

Description:

office productivity suite -- Hicontrast symbol style

Latest version: 1:4.2.8-0ubuntu5.5
Release: trusty (14.04)
Level: updates
Repository: universe
Head package: libreoffice
Homepage: http://www.libreoffice.org

Links


Download "libreoffice-style-hicontrast"


Other versions of "libreoffice-style-hicontrast" in Trusty

Repository Area Version
base universe 1:4.2.3~rc3-0ubuntu2
security universe 1:4.2.8-0ubuntu5.5
PPA: LibreOffice 1:6.1.5~rc2-0ubuntu0.14.04.1~lo3

Changelog

Version: 1:4.2.8-0ubuntu5.5 2019-02-06 16:08:02 UTC

  libreoffice (1:4.2.8-0ubuntu5.5) trusty-security; urgency=medium

  * SECURITY UPDATE: incorrect integer data type in StgSmallStrm class
    - debian/patches/CVE-2018-10119.patch: use short->sal_Int32 like in
      StgDataStrm in sot/source/sdstor/stgstrms.cxx.
    - CVE-2018-10119
  * SECURITY UPDATE: heap-based buffer overflow in SwCTBWrapper::Read
    - debian/patches/CVE-2018-10120.patch: check index before use in
      sw/source/filter/ww8/ww8toolbar.cxx.
    - CVE-2018-10120
  * SECURITY UPDATE: information disclosure vulnerability via SMB link
    - debian/patches/CVE-2018-10583.patch: set Referer on link
      mediadescriptor in sw/source/filter/xml/xmltexti.cxx.
    - CVE-2018-10583
  * SECURITY UPDATE: overflow during string length calculation
    - debian/patches/CVE-2018-11790.patch: fix indexes in
      vcl/source/gdi/sallayout.cxx.
    - CVE-2018-11790
  * SECURITY UPDATE: Directory traversal flaw in script execution
    - debian/patches/CVE-2018-16858.patch: keep pyuno script processing
      below base uri in scripting/source/pyprov/pythonscript.py.
    - CVE-2018-16858

 -- Marc Deslauriers <email address hidden> Mon, 28 Jan 2019 12:07:29 -0500

Source diff to previous version
CVE-2018-10119 sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, wh
CVE-2018-10120 The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a custo
CVE-2018-10583 An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB co
CVE-2018-11790 When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs
CVE-2018-16858 Remote Code Execution via Macro/Event execution

Version: 1:4.2.8-0ubuntu5.3 2018-02-21 23:08:37 UTC

  libreoffice (1:4.2.8-0ubuntu5.3) trusty-security; urgency=medium

  * SECURITY UPDATE: remote arbitrary file disclosure vulnerability using
    WEBSERVICE
    - debian/patches/CVE-2018-6871.patch: limit WEBSERVICE to http[s]
      protocols.
    - CVE-2018-6871
  * SECURITY UPDATE: use-after-free in SwRootFrame
    - debian/patches/layout-footnote-use-after-free.diff: fix layout
      footnote use-after-free in SwRootFrame.
    - No CVE number.

 -- Olivier Tilloy <email address hidden> Mon, 19 Feb 2018 14:17:49 +0100

Source diff to previous version
CVE-2018-6871 LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.

Version: 1:4.2.8-0ubuntu5.2 2017-11-02 16:06:59 UTC

  libreoffice (1:4.2.8-0ubuntu5.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Out-of-Bounds Write in Impress' PPT Filter
    - debian/patches/CVE-2017-12607.patch: limit PPT levels in
      filter/source/msfilter/svdfppt.cxx,
      include/filter/msfilter/svdfppt.hxx.
    - CVE-2017-12607
  * SECURITY UPDATE: Out-of-Bounds Write in Writer's ImportOldFormatStyles
    - debian/patches/CVE-2017-12608.patch: check sizes in
      sw/source/filter/ww8/ww8par2.cxx.
    - CVE-2017-12608

 -- Marc Deslauriers <email address hidden> Wed, 01 Nov 2017 08:24:05 -0400

Source diff to previous version

Version: 1:4.2.8-0ubuntu5.1 2017-05-02 21:07:05 UTC

  libreoffice (1:4.2.8-0ubuntu5.1) trusty-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in tools::Polygon::Insert function
    - debian/patches/CVE-2017-7870.patch: check if ImplSplit succeeded in
      tools/inc/poly.h, tools/source/generic/poly.cxx.
    - CVE-2017-7870

 -- Marc Deslauriers <email address hidden> Fri, 28 Apr 2017 10:47:51 -0400

Source diff to previous version
CVE-2017-7870 LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in too

Version: 1:4.2.8-0ubuntu5 2017-02-23 17:07:11 UTC

  libreoffice (1:4.2.8-0ubuntu5) trusty-security; urgency=medium

  * SECURITY UPDATE: arbitrary file read via link update
    - debian/patches/olefix.diff
    - CVE-2017-3157

 -- Bjoern Michaelsen <email address hidden> Mon, 21 Nov 2016 13:37:38 +0100




About   -   Send Feedback to @ubuntu_updates