[SRU] libreoffice 6.2.7 for disco
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libreoffice (Ubuntu) |
Fix Released
|
High
|
Marcus Tomlinson | ||
Disco |
Fix Released
|
High
|
Marcus Tomlinson | ||
libreoffice-l10n (Ubuntu) |
Fix Released
|
High
|
Marcus Tomlinson | ||
Disco |
Fix Released
|
High
|
Marcus Tomlinson |
Bug Description
[Impact]
* LibreOffice 6.2.7 is in its seventh bugfix release of the 6.2 line.
For a list of fixed bugs compared to 6.2.6 see:
https:/
(that's a total of 32 bugs)
* Given the nature of the project, the complexity of the codebase and the high level of quality assurance upstream, it is preferable to SRU a minor release rather than cherry-pick selected bug fixes.
[Test Case]
* No specific test case, bugs fixed upstream hopefully come with unit/regression tests, and the release itself is extensively exercised upstream (both in an automated manner and manually) by a community of testers. Each minor release normally goes through two release candidates.
* The libreoffice packages include autopkgtests, those should be run and verified to pass.
* General smoke testing of all the applications in the office suite should be carried out.
[Regression Potential]
* A minor release with a total of 32 bug fixes always carries the potential for introducing regressions, even though it is a bugfix-only release, meaning that no new features were added, and no existing features were removed.
* A combination of autopkgtests and careful smoke testing as described above should provide reasonable confidence that no regressions sneaked in.
CVE References
Changed in libreoffice (Ubuntu): | |
assignee: | nobody → Marcus Tomlinson (marcustomlinson) |
Changed in libreoffice (Ubuntu Disco): | |
assignee: | nobody → Marcus Tomlinson (marcustomlinson) |
Changed in libreoffice-l10n (Ubuntu Disco): | |
assignee: | nobody → Marcus Tomlinson (marcustomlinson) |
Changed in libreoffice-l10n (Ubuntu): | |
assignee: | nobody → Marcus Tomlinson (marcustomlinson) |
Changed in libreoffice (Ubuntu): | |
importance: | Undecided → High |
Changed in libreoffice (Ubuntu Disco): | |
importance: | Undecided → High |
Changed in libreoffice-l10n (Ubuntu): | |
importance: | Undecided → High |
Changed in libreoffice-l10n (Ubuntu Disco): | |
importance: | Undecided → High |
Changed in libreoffice-l10n (Ubuntu): | |
status: | New → In Progress |
Changed in libreoffice-l10n (Ubuntu Disco): | |
status: | New → In Progress |
Changed in libreoffice (Ubuntu Disco): | |
status: | New → In Progress |
Changed in libreoffice (Ubuntu): | |
status: | New → In Progress |
Changed in libreoffice-l10n (Ubuntu): | |
status: | In Progress → Fix Released |
Changed in libreoffice (Ubuntu): | |
status: | In Progress → Fix Released |
This bug was fixed in the package libreoffice - 1:6.2.7- 0ubuntu0. 19.04.1
--------------- 7-0ubuntu0. 19.04.1) disco-security; urgency=medium
libreoffice (1:6.2.
* New upstream release (LP: #1843763)
* Fixes CVE-2019-9854: Unsafe URL assembly flaw in allowed script location check
-- Marcus Tomlinson <email address hidden> Thu, 12 Sep 2019 15:53:48 +0100