[libreoffice] 01/01: add fix for CVE-2016-4324.diff

To: debian-openoffice@lists.debian.org
Subject: [libreoffice] 01/01: add fix for CVE-2016-4324.diff
From: Rene Engelhard <rene@moszumanska.debian.org>
Date: Wed, 29 Jun 2016 20:04:29 +0000
Message-id: <[🔎] E1bILin-0004n6-F3@moszumanska.debian.org>
Reply-to: Rene Engelhard <rene@debian.org>
In-reply-to: <[🔎] 20160629200429.18340.11328@moszumanska.debian.org>
References: <[🔎] 20160629200429.18340.11328@moszumanska.debian.org>

This is an automated email from the git hooks/post-receive script.

rene pushed a commit to branch debian-jessie-4.3.3
in repository libreoffice.

commit 7b414717c705018e00c2661c22a19ca48f55bcb8
Author: Rene Engelhard <rene@debian.org>
Date:   Wed Jun 22 15:33:25 2016 +0200

    add fix for CVE-2016-4324.diff
---
 changelog                  |  7 +++++++
 patches/CVE-2016-4324.diff | 20 ++++++++++++++++++++
 patches/series             |  1 +
 3 files changed, 28 insertions(+)

diff --git a/changelog b/changelog
index 9a27363..6dd0952 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,10 @@
+libreoffice (1:4.3.3-2+deb8u5) jessie-security; urgency=medium
+
+  * debian/patches/CVE-2016-4324.diff: fix "LibreOffice RTF Stylesheet Code
+    Execution Vulnerability" (TALOS-CAN-0126 / CVE-2016-4324) 
+
+ -- Rene Engelhard <rene@debian.org>  Wed, 22 Jun 2016 14:18:06 +0200
+
 libreoffice (1:4.3.3-2+deb8u4) jessie; urgency=medium
 
   * debian/patches/ppc64el-jdk-paths.diff: fix ppc64el FTBFS due to changed
diff --git a/patches/CVE-2016-4324.diff b/patches/CVE-2016-4324.diff
new file mode 100644
index 0000000..366b897
--- /dev/null
+++ b/patches/CVE-2016-4324.diff
@@ -0,0 +1,20 @@
+diff --git a/writerfilter/source/rtftok/rtfdocumentimpl.cxx b/writerfilter/source/rtftok/rtfdocumentimpl.cxx
+index 9f35f26..b860650 100644
+--- a/writerfilter/source/rtftok/rtfdocumentimpl.cxx
++++ b/writerfilter/source/rtftok/rtfdocumentimpl.cxx
+@@ -445,8 +445,13 @@ void RTFDocumentImpl::setNeedSect(bool bNeedSect)
+ 
+ writerfilter::Reference<Properties>::Pointer_t RTFDocumentImpl::getProperties(RTFSprms& rAttributes, RTFSprms& rSprms)
+ {
+-    int nStyle = m_aStates.top().nCurrentStyleIndex;
+-    RTFReferenceTable::Entries_t::iterator it = m_aStyleTableEntries.find(nStyle);
++    RTFReferenceTable::Entries_t::iterator it = m_aStyleTableEntries.end();
++    if (!m_aStates.empty())
++    {
++        int nStyle = m_aStates.top().nCurrentStyleIndex;
++        it = m_aStyleTableEntries.find(nStyle);
++    }
++
+     if (it != m_aStyleTableEntries.end())
+     {
+         RTFReferenceProperties& rProps = *(RTFReferenceProperties*)it->second.get();
diff --git a/patches/series b/patches/series
index d90b00c..d47f22a 100644
--- a/patches/series
+++ b/patches/series
@@ -46,3 +46,4 @@ V-a7vjdei7l7.diff
 V-mgylorku1q.diff
 V-pxk0pgyk9d.diff
 ppc64el-jdk-paths.diff
+CVE-2016-4324.diff

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openoffice/libreoffice.git

Reply to:

References:
- [libreoffice] branch debian-jessie-4.3.3 updated (ce29290 -> 7b41471)
  - From: Rene Engelhard <rene@moszumanska.debian.org>

Prev by Date: 20% korting op alle douchecabines en complete douchecabine! | 20% de réduction sur toutes les cabines de douche et cabines de douche complètes
Next by Date: [libreoffice] branch debian-jessie-4.3.3 updated (ce29290 -> 7b41471)
Previous by thread: [libreoffice] branch debian-jessie-4.3.3 updated (ce29290 -> 7b41471)
Next by thread: Processing of libreoffice_4.3.3-2+deb8u5_amd64.changes
Index(es):
- Date
- Thread