Wheezy update of libreoffice #2 (CVE-2016-1513)
[ CC'ing team@security so that they know nothing supported is affected by
apparently Apache knew it since October 2015, tested with "current" LibreOffices
but they said they didn't test with old, so didn't inform LO *at all* until
this came up last Thursday again confirming that old LOs *are* affected..
See also http://www.openoffice.org/security/cves/CVE-2016-1513.html
The fix already went into (later) 4.2 and 4.3 versions.
jessie: 4.3.3 - unaffected, AFAICS 
stretch/sid: "of course" unaffected
A (untested, except that the patch applies) source package is - as last time -
available on http://people.debian.org/~rene/libreoffice/wheezy
Own-imposed LibreOffice embargo ends today. (I knew it only since last
Thursday, too when we wrote about the other issue but of course couldn't
write it beforehand to something public..)
(jessie)rene@frodo ..reOffice/libreoffice/libreoffice-4.3.3 % patch -p1 --dry-run < ~/index.html\?id=fd64d444b730f6cb7216dac8f6e3f94b97d7ab60
checking file tools/source/generic/poly2.cxx
Reversed (or previously applied) patch detected! Assume -R? [n]
Apply anyway? [n]
4 out of 4 hunks ignored
checking file vcl/source/gdi/metaact.cxx
Reversed (or previously applied) patch detected! Assume -R? [n] Apply anyway? [n] Skipping patch.
1 out of 1 hunk ignored