--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: jessie-pu: package libwpd/0.10.1-5+deb9u1
- From: Rene Engelhard <rene@debian.org>
- Date: Sun, 17 Sep 2017 15:19:22 +0200
- Message-id: <20170917131922.GB2436@rene-engelhard.de>
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
See http://bugs.debian.org/876001. CVE classified as no-dsa (minor issue).
Salvatore writes:
"Sicne the point releases are approaching, can you shedule the fixes since already prepared in the next point release?"
So here I am.
Debdiff attached.
Regards,
Rene
-- System Information:
Debian Release: 8.9
APT prefers oldstable-updates
APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: armhf (armv7l)
Kernel: Linux 3.18.0-trunk-rpi2 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru libwpd-0.10.1/debian/changelog libwpd-0.10.1/debian/changelog
--- libwpd-0.10.1/debian/changelog 2016-09-12 22:58:36.000000000 +0200
+++ libwpd-0.10.1/debian/changelog 2017-09-17 13:20:30.000000000 +0200
@@ -1,3 +1,10 @@
+libwpd (0.10.1-5+deb9u1) stretch; urgency=medium
+
+ * debian/patches/libwpd-tdf112269.diff: backport patch to fix
+ CVE-2017-14226 (closes: #876001)
+
+ -- Rene Engelhard <rene@debian.org> Sun, 17 Sep 2017 13:20:30 +0200
+
libwpd (0.10.1-5) unstable; urgency=medium
* [7d35591] move Maintainer: to Debian LibreOffice Maintainers
diff -Nru libwpd-0.10.1/debian/patches/libwpd-tdf112269.diff libwpd-0.10.1/debian/patches/libwpd-tdf112269.diff
--- libwpd-0.10.1/debian/patches/libwpd-tdf112269.diff 1970-01-01 01:00:00.000000000 +0100
+++ libwpd-0.10.1/debian/patches/libwpd-tdf112269.diff 2017-09-17 13:20:30.000000000 +0200
@@ -0,0 +1,43 @@
+--- libwpd/src/lib/WP5StylesListener.cpp
++++ libwpd/src/lib/WP5StylesListener.cpp
+@@ -85,8 +85,9 @@
+ m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 0.0);
+ m_currentPage.setPageSpan(1);
+
+- for (std::vector<WPXHeaderFooter>::const_iterator HFiter = (m_nextPage.getHeaderFooterList()).begin();
+- HFiter != (m_nextPage.getHeaderFooterList()).end(); ++HFiter)
++ std::vector<WPXHeaderFooter> headerFooterList = m_nextPage.getHeaderFooterList();
++ for (std::vector<WPXHeaderFooter>::const_iterator HFiter = headerFooterList.begin();
++ HFiter != headerFooterList.end(); ++HFiter)
+ {
+ if ((*HFiter).getOccurrence() != NEVER)
+ {
+--- libwpd/src/lib/WP42StylesListener.cpp
++++ libwpd/src/lib/WP42StylesListener.cpp
+@@ -84,8 +84,9 @@
+ m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 0.0);
+ m_currentPage.setPageSpan(1);
+
+- for (std::vector<WPXHeaderFooter>::const_iterator HFiter = (m_nextPage.getHeaderFooterList()).begin();
+- HFiter != (m_nextPage.getHeaderFooterList()).end(); ++HFiter)
++ std::vector<WPXHeaderFooter> headerFooterList = m_nextPage.getHeaderFooterList();
++ for (std::vector<WPXHeaderFooter>::const_iterator HFiter = headerFooterList.begin();
++ HFiter != headerFooterList.end(); ++HFiter)
+ {
+ if ((*HFiter).getOccurrence() != NEVER)
+ {
+--- libwpd/src/lib/WP1StylesListener.cpp
++++ libwpd/src/lib/WP1StylesListener.cpp
+@@ -83,8 +83,9 @@
+ m_currentPage = WPXPageSpan(m_pageList.back(), 0.0, 0.0);
+ m_currentPage.setPageSpan(1);
+
+- for (std::vector<WPXHeaderFooter>::const_iterator HFiter = (m_nextPage.getHeaderFooterList()).begin();
+- HFiter != (m_nextPage.getHeaderFooterList()).end(); ++HFiter)
++ std::vector<WPXHeaderFooter> headerFooterList = m_nextPage.getHeaderFooterList();
++ for (std::vector<WPXHeaderFooter>::const_iterator HFiter = headerFooterList.begin();
++ HFiter != headerFooterList.end(); ++HFiter)
+ {
+ if ((*HFiter).getOccurrence() != NEVER)
+ {
+
diff -Nru libwpd-0.10.1/debian/patches/series libwpd-0.10.1/debian/patches/series
--- libwpd-0.10.1/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ libwpd-0.10.1/debian/patches/series 2017-09-17 13:20:30.000000000 +0200
@@ -0,0 +1 @@
+libwpd-tdf112269.diff
--- End Message ---