./packages/openofficeorg/2.4.1/lenny r1255: better late than never; add changelog entries for 2.4.1+dfsg-1+lenny1 to -lenny11

To: debian-openoffice@lists.debian.org
Subject: ./packages/openofficeorg/2.4.1/lenny r1255: better late than never; add changelog entries for 2.4.1+dfsg-1+lenny1 to -lenny11
From: Rene Engelhard <rene@debian.org>
Date: Sun, 30 Jan 2011 21:53:13 +0100
Message-id: <[🔎] E1PjeId-0003ak-Ll@alioth.debian.org>

------------------------------------------------------------
revno: 1255
committer: Rene Engelhard <rene@debian.org>
branch nick: lenny
timestamp: Sun 2011-01-30 21:53:13 +0100
message:
  better late than never; add changelog entries for 2.4.1+dfsg-1+lenny1 to -lenny11
modified:
  changelog

=== modified file 'changelog'
--- a/changelog	2009-03-20 21:17:19 +0000
+++ b/changelog	2011-01-30 20:53:13 +0000
@@ -1,3 +1,97 @@
+openoffice.org (1:2.4.1+dfsg-1+lenny11) stable-security; urgency=low
+
+  * ooo-build/patches/src680/security-fixes-from-cws-impress208.diff: fix
+    possible heap overflow when reading manipulated TGA images
+    (CVE-2010-4643) 
+
+ -- Rene Engelhard <rene@debian.org>  Wed, 05 Jan 2011 22:02:59 +0100
+
+openoffice.org (1:2.4.1+dfsg-1+lenny10) stable-security; urgency=high
+
+  * ooo-build/patches/src680/security-fixes-from-cws-os145.diff: fix
+    CVE-2010-4253: Heap based buffer overflow, PPT files.
+
+ -- Rene Engelhard <rene@debian.org>  Mon, 29 Nov 2010 17:55:27 +0000
+
+openoffice.org (1:2.4.1+dfsg-1+lenny9) stable-security; urgency=high
+
+  * ooo-build/patches/src680/tread-invalid-path-segments-correctly.diff:
+    fix directory traversal vulnerability in OOo (CVE-2010-3450)
+  * ooo-build/patches/src680/cws-hb22.diff: fix security issues:
+    - soffice script does not treat empty LD_LIBRARY_PATH like unset one
+      (CVE-2010-3689)
+    - Crash in WW8DopTypography::ReadFromMem (CVE-2010-3454)
+    - Crash in SwRTFParser::ReadNumSecLevel (CVE-2010-3452)
+    - Out of bounds write in WW8ListManager::WW8ListManager()
+      (CVE-2010-3453)
+    - Loading certain RTF document leads to corrupt table model
+      (CVE-2010-3451)
+
+ -- Rene Engelhard <rene@debian.org>  Fri, 01 Oct 2010 16:24:28 +0200
+
+openoffice.org (1:2.4.1+dfsg-1+lenny8) stable-security; urgency=high
+
+  * ooo-build/patches/src680/workspace.impress197.diff: fix CVE-2010-2935 and
+    CVE-2010-2936 aka SA40775:
+    two buffer-overflow vulnerabilities in OpenOffice.org Impress
+
+ -- Rene Engelhard <rene@debian.org>  Thu, 19 Aug 2010 11:59:29 +0000
+
+openoffice.org (1:2.4.1+dfsg-1+lenny7) stable-security; urgency=high
+
+  * pyuno.avoid.execution.for.browsing.funcs.legacy.python.diff:
+    avoid execution of python code when browsing macros (CVE-2010-0395)
+
+ -- Rene Engelhard <rene@debian.org>  Mon, 08 Mar 2010 22:33:26 +0100
+
+openoffice.org (1:2.4.1+dfsg-1+lenny6) stable-security; urgency=high
+
+  * ooo-build/patches/src680/vba-macro-properties-2.4.diff: fix vba macros
+    not honouring macro security settings (CVE-2010-0136) 
+
+ -- Rene Engelhard <rene@debian.org>  Sat, 26 Dec 2009 21:24:42 +0100
+
+openoffice.org (1:2.4.1+dfsg-1+lenny5) stable-security; urgency=high
+
+  * ooo-build/patches/src680/libxmlsec-CVE-2009-0217.diff: fix
+    CVE-2009-0217 in the internal libxmlsec copy (just the nss part)
+  * ooo-build/patches/src680/libxmlsec-findcerts.diff: adapt
+
+ -- Rene Engelhard <rene@debian.org>  Tue, 15 Dec 2009 22:03:15 +0000
+
+openoffice.org (1:2.4.1+dfsg-1+lenny4) stable-security; urgency=high
+
+  * ooo-build/patches/src680/cws-sjooh680sf01.diff: fix
+    "OpenOffice.org XPM Import Integer Overflow" (CVE-2009-2949) and
+    "OpenOffice.org GIF Import Heap Overflow" (CVE-2009-2950)
+  * ooo-build/patches/src680/cws-hb32showstoppers3ooh680.diff: fix
+    "OOO sprmTDefTable issue" (CVE-2009-3301) and
+    "OOO sprmTSetBrc issue" (CVE-2009-3302)
+
+ -- Rene Engelhard <rene@debian.org>  Fri, 13 Nov 2009 22:19:53 +0100
+
+openoffice.org (1:2.4.1+dfsg-1+lenny3) stable-security; urgency=high
+
+  * rebuild to get correct $LANGPACKISOS in e.g. broffice.org... 
+
+ -- Rene Engelhard <rene@debian.org>  Sun, 21 Jun 2009 01:12:03 +0200
+
+openoffice.org (1:2.4.1+dfsg-1+lenny2) stable-security; urgency=high
+
+  * patches/src680/wmf-pattern-brush.diff: backport fix from
+    ooo-build-3-0-1 branch fixing similar issues like CVE-2008-2237
+    in that patch
+
+ -- Rene Engelhard <rene@debian.org>  Tue, 16 Jun 2009 00:00:10 +0200
+
+openoffice.org (1:2.4.1+dfsg-1+lenny1) stable-security; urgency=high
+
+  * patches/src680/sw.safe_tdelete_tinsert.diff: fix CVE-2009-0200
+    (OpenOffice.org Word Document sprmTDelete Integer Underflow) and
+    CVE-2009-0201 (OpenOffice.org Word Document sprmTInsert Buffer Overflow)
+
+ -- Rene Engelhard <rene@debian.org>  Fri, 22 May 2009 10:30:16 +0200
+
 openoffice.org (1:2.4.1+dfsg-1) stable; urgency=low
 
   * repackage .orig.tar.gz without rfc1345.txt in liblayout.zip

Reply to:

Prev by Date: libreoffice_3.3.0-1_armel.changes ACCEPTED into experimental
Next by Date: Bug#611583: openoffice.org-emailmerge: unopkg failed
Previous by thread: libreoffice_3.3.0-1_armel.changes ACCEPTED into experimental
Next by thread: Bug#611583: openoffice.org-emailmerge: unopkg failed
Index(es):
- Date
- Thread