Re: [SECURITY] [DSA 3792-1] libreoffice security update
Hi,
On Thu, Feb 23, 2017 at 11:13:34PM +0100, Moritz Muehlenhoff wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> - -------------------------------------------------------------------------
> Debian Security Advisory DSA-3792-1 security@debian.org
> https://www.debian.org/security/ Moritz Muehlenhoff
> February 23, 2017 https://www.debian.org/security/faq
> - -------------------------------------------------------------------------
>
> Package : libreoffice
> CVE ID : CVE-2017-3157
>
> Ben Hayak discovered that objects embedded in Writer and Calc documents
> may result in information disclosure. Please see
> https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/
> for additional information.
I have also prepared it for wheezy-lts. Should build (my build is
still running), basically just took the patch from Ubuntu (in contrast to
the 4.3.3 jessie update where I needed to forward-port the backported patch ;-))
See https://people.debian.org/~rene/libreoffice/3.5.4/ for source and debdiff.
You could "sponsor" it like the last times or I can upload it if my build
finishes. Whatever you prefer.
Regards,
Rene
Reply to: