drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in LibreOffice
Name: |
Ausführen beliebiger Kommandos in LibreOffice |
|
ID: |
FEDORA-2015-7022 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 21 |
|
Datum: |
Mi, 29. April 2015, 16:43 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1774 |
|
Applikationen: |
LibreOffice |
|
Originalnachricht |
Name : libreoffice Product : Fedora 21 Version : 4.3.7.2 Release : 3.fc21 URL : http://www.libreoffice.org/ Summary : Free Software Productivity Suite Description : LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, LibreOffice also works transparently with a variety of file formats, including Microsoft Office File Formats.
------------------------------------------------------------------------------- - Update Information:
Fix some .docx import crashes. And finally fix the re-render of checked->unchecked checkbox transition
update to 4.3.7 ------------------------------------------------------------------------------- - ChangeLog:
* Fri Apr 24 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.7.2-3 - Resolves: rhbz#1198848 fix DOCX redline import crash - Resolves: rhbz#1215060 fix docx table import crash * Fri Apr 24 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.7.2-2 - Resolves: tdf#73211 fix gtk checkboxes droppings after toggle off * Tue Apr 21 2015 David Tardon <dtardon@redhat.com> - 1:4.3.7.2-1 - update to 4.3.7 * Tue Apr 14 2015 Stephan Bergmann <sbergman@redhat.com> - 1:4.3.6.2-9 - Resolves: rhbz#1197614 crash when updating extension - Resolves: rhbz#1134285 redundant user/password request for WebDAV access * Tue Apr 7 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.6.2-8 - negative after-text indents ignored by msword for apos * Fri Mar 27 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.6.2-7 - Resolves: rhbz#1183806 crash on pressing delete in empty pivot table lists * Thu Mar 26 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.6.2-6 - Resolves: tdf#90256 repair invalid docking positions * Mon Mar 23 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.6.2-5 - Resolves: rhbz#1204244 group sdb windows together as 'base' * Thu Mar 19 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.6.2-4 - Resolves: rhbz#1202138 fix crash on exit * Wed Feb 18 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.6.2-3 - Resolves: rhbz#1193971 clear hard coded char props in cells * Fri Feb 6 2015 Stephan Bergmann <sbergman@redhat.com> - 1:4.3.6.2-2 - Resolves: rhbz#1123710 crash opening Draw * Mon Feb 2 2015 David Tardon <dtardon@redhat.com> - 1:4.3.6.2-1 - update to 4.3.6 * Fri Jan 30 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.5.2-12 - Resolves: rhbz#1136013 ExternalToolEdit crash - font cache gets broken on adding an embedded font - if we change the keys we have to resort based on the new keys - Resolves: rhbz#1184582 crash in grammar checking thread - Resolves: fdo#88378 flipping by reversing coords no longer works - Resolves: rhbz#1179642 crash in GetFocus - don't strip font names of apparent script suffixes - Resolves: rhbz#1177022 fix PDF embedding of Type 1 fonts - make certain change-tracking odts not crash on deleting text * Fri Jan 16 2015 Eike Rathke <erack@redhat.com> - 1:4.3.5.2-11 - Resolves: rhbz#1171828 fdo#86978 append formula cells to track instead of tree * Thu Jan 15 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.5.2-10 - Resolves: rhbz#1182018 python required for wizards now - Resolves: rhbz#1180114 writerfilter: don't crash on w:customXmlDelRangeStart etc. - Resolves: rhbz#1162352 SwDataChanged dtor accesses deleted PaM * Wed Jan 14 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.5.2-9 - classic draw rectangles fit to contour utterly broken - Use the same advanced Ellipse and Rectangle shapes in writer as draw/impress * Tue Jan 13 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.5.2-8 - allow comparing documents which only differ by frame contents * Mon Jan 12 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.5.2-7 - Resolves: fdo#36772 calc and draw tabbars tabs are too small - Resolves: fdo#73165 spell checking isn't kicking in until typist pauses - radio check top center bottom alignment for table cells * Fri Jan 9 2015 David Tardon <dtardon@redhat.com> - 1:4.3.5.2-6 - Resolves: fdo#82681 Draw crashes when copying table row * Wed Jan 7 2015 Caolán McNamara <caolanm@redhat.com> - 1:4.3.5.2-5 - Resolves: rhbz#1177547 system autocorr files not detected * Thu Dec 18 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.5.2-4 - Resolves: rhbz#1175142 nStarts ends up as an invalid -1 * Mon Dec 15 2014 David Tardon <dtardon@redhat.com> - 1:4.3.5.2-3 - Resolves: rhbz#1116534 crash when pasting over a formula * Fri Dec 12 2014 David Tardon <dtardon@redhat.com> - 1:4.3.5.2-2 - Resolves: fdo#87242 fix unwanted text shadows during cairo animation * Fri Dec 12 2014 David Tardon <dtardon@redhat.com> - 1:4.3.5.2-1 - new upstream release * Thu Dec 11 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-13 - Resolves: rhbz#1173170 fix crash in impress undo * Tue Dec 9 2014 David Tardon <dtardon@redhat.com> - 1:4.3.4.1-12 - Resolves: fdo#37682 fix export of whole Draw page to PNG * Mon Dec 8 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-11 - move officehelper.py to pyuno package so it can be imported from python - Resolves: rhbz#1164614 xslt dialog crashes if there are no entries - fix copying and saving of styles in Impress * Wed Dec 3 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-10 - Related: fdo#78151 only make outline title and subtitle readonly in master view * Tue Dec 2 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-9 - Fix slow updates with annotations * Thu Nov 27 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-8 - Resolves: fdo#84043 don't create duplicate Mirrored props - Resolves: rhbz#1165444 abrt crash with NULL pView * Tue Nov 25 2014 Stephan Bergmann <sbergman@redhat.com> - 1:4.3.4.1-7 - Resolves: fdo#1167250 Crash in clipboard code - Revert: #i63015# always default to WinAnsiEncoding for Type1 pdf export * Fri Nov 21 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-6 - Resolves: fdo#86466 Wrong background color shown in impress table * Thu Nov 20 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-5 - Resolves: rhbz#1164551 we want to ensure that a libjvm.so is available but we have no firm interest in which one that is * Wed Nov 19 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-4 - Resolves: rhbz#1165740 arbitrarily backport some rtf crash fixes * Mon Nov 17 2014 Michael Stahl <mstahl@redhat.com>- 1:4.3.4.1-3 - set VCL.WM.ShouldSwitchWorkspace to false to avoid virtual desktop switching * Thu Nov 13 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.4.1-2 - fix impress table layout cache wrt wrong table selection border * Tue Nov 11 2014 David Tardon <dtardon@redhat.com> - 1:4.3.4.1-1 - update to 4.3.4 rc1 * Tue Nov 11 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.3.2-6 - strip hard coded numbering off outline master previews * Mon Nov 10 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.3.2-5 - Resolves: rhbz#1161238 sync PRESOBJ_OUTLINE para depth on load * Thu Nov 6 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.3.2-4 - Resolves: fdo#60712 Inherits cell styles in inserting rows/columns - implement toggling off removeable master elements with delete - Resolves: fdo#78151 change underlying style on toggling bullets on/off in master view * Thu Nov 6 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.3.2-3 - Resolves: fdo#76581 copy-and-paste -> slideshow crash in presenter console * Wed Nov 5 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.3.3.2-2 - Resolves: fdo#37559 revert adding extra dummy polygons * Tue Oct 28 2014 David Tardon <dtardon@redhat.com> - 1:4.3.3.2-1 - update to 4.3.3 rc2 * Sun Oct 19 2014 David Tardon <dtardon@redhat.com> - 1:4.3.3.1-2 - enable support for 3-D models * Thu Oct 9 2014 David Tardon <dtardon@redhat.com> - 1:4.3.3.1-1 - update to 4.3.3 rc1 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1216042 - CVE-2015-1774 libreoffice: out-of-bounds write in HWP file filter https://bugzilla.redhat.com/show_bug.cgi?id=1216042 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update libreoffice' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|