[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 3792-1] libreoffice security update

Hi,

On Thu, Feb 23, 2017 at 11:13:34PM +0100, Moritz Muehlenhoff wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> - -------------------------------------------------------------------------
> Debian Security Advisory DSA-3792-1                   security@debian.org
> https://www.debian.org/security/                       Moritz Muehlenhoff
> February 23, 2017                     https://www.debian.org/security/faq
> - -------------------------------------------------------------------------
> 
> Package        : libreoffice
> CVE ID         : CVE-2017-3157
> 
> Ben Hayak discovered that objects embedded in Writer and Calc documents
> may result in information disclosure. Please see
> https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/
> for additional information.

I have also prepared it for wheezy-lts. Should build (my build is
still running), basically just took the patch from Ubuntu (in contrast to
the 4.3.3 jessie update where I needed to forward-port the backported patch ;-))

See https://people.debian.org/~rene/libreoffice/3.5.4/ for source and debdiff.

You could "sponsor" it like the last times or I can upload it if my build
finishes. Whatever you prefer.
 
Regards,

Rene
Reply to: