[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

About libreoffice CVE



Hello Emilio,

as the libreoffice entry is the oldest one without update[1] I decided
to take a look at the issues (even though it's assigned to you).

For CVE-2017-12607 I believe that wheezy is not affected as the patch
shown below merely ensures that nLevelAnz does not overflow nMaxPPTLevels (= 5).
https://cgit.freedesktop.org/libreoffice/core/commit/?id=334dba623dfb0c4fb2b5292c2d03741b7b33aef1

And in the wheezy code, we already have such a check (line 4112 of
filter/source/msfilter/svdfppt.cxx):

            sal_uInt16 nLevelAnz;
            rIn >> nLevelAnz;
            if ( nLevelAnz > 5 )
            {
                OSL_FAIL( "PPTStyleSheet::Ppt-TextStylesheet hat mehr als 5 Ebenen! (SJ)" );
                nLevelAnz = 5;
            }

For CVE-2017-12608, the problem seems to exist as the code is very close.
Applying/backporting the patch looks trivial.

Furthermore in both cases, the commit contains a test file that could be used
to (at least manually) verify the fix.

I don't really see why this update has been stalled for so long. Please go ahead
with the update or unlock the package so that someone else can take over.

Cheers,

[1] As shown by bin/review-update-needed --lts:
Package: libreoffice
Claimed-By: Emilio Pozuelo
Claimed-Date: 2017-05-31 17:29 (166 days ago)
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/


Reply to: