[SRU] LibreOffice 3.5.7 for precise

Bug #1037111 reported by Björn Michaelsen on 2012-08-15
This bug affects 14 people
Affects Status Importance Assigned to Milestone
libreoffice (Ubuntu)

Bug Description


 * https://launchpad.net/~libreoffice/+archive/libreoffice-3-5/+sourcepub/2604568/+listing-archive-extra and https://launchpad.net/~libreoffice/+archive/ppa/+sourcepub/2567714/+listing-archive-extra for fixed bugs

 * see https://lists.ubuntu.com/archives/technical-board/2012-June/001283.html ff.


 * see https://lists.ubuntu.com/archives/technical-board/2012-June/001283.html ff.

 * in testing by the popular ppas: https://launchpad.net/~libreoffice/+archive/ppa/ and https://launchpad.net/~libreoffice/+archive/libreoffice-3-5 since 2012-08-11

 * no script testplan, that's a libreoffice update, work with the new version, open documents with the different tools, edit some, see if you run into any new issue

[Regression Potential]

 * see https://lists.ubuntu.com/archives/technical-board/2012-June/001283.html ff.

Since 3.5 is EOL upstream, backporting various additional fixes that are not covered by the provisional MRE: http://anonscm.debian.org/gitweb/?p=pkg-openoffice/libreoffice.git;a=shortlog;h=refs/heads/debian-experimental-3.5

Here is the rationale for the backporting of these:

lp#1097437: released on Fedora 17 and upstream, one-line change
lp#1097710 and lp#1097811: released on Fedora 17 and upstream, prevents severe release regression against 3.5.4 (related: lp#1097811 and fdo#53909)
lp#1097715: released on Fedora 17 and upstream, fix limited to browserplugin, which wasnt working reliably on release anyway
lp#1097718: released on Fedora 17 and upstream, trivial change of one window-flag (possibly also fixes: fdo#48096, lp#26303, lp#399765, lp#999269)
lp#1097722: released on Fedora 17 and upstream, crasher, thus dataloss
lp#1097727: released on Fedora 17 and upstream, crasher, thus dataloss
lp#1097735: released on Fedora 17 and upstream, patch origin SUSE, fix limited to the RTF file import filter
lp#1097744: released on Fedora 17 and upstream, revert of hurting commit by original author
lp#1097748: released on Fedora 17 and upstream, one-line change, making us more generous in reading broken MSO2010 files
lp#1097760: released on Fedora 17 and upstream, fix of the offending commit by original author, bug introduction properly bibisected upstream
lp#1097782: released on Fedora 17 and upstream, one-line change adding a check for a NULL pointer (most possibly a regression against 3.3 too), crasher, thus dataloss
lp#1097829: released on Fedora 17 and upstream, crasher, thus dataloss
lp#1097966: released on Fedora 17 and upstream, prevents severe release regression against 3.5.4, one-line change
lp#1097962: released on Fedora 17 and upstream, crasher, thus dataloss
lp#1103495: released on Fedora 17 and upstream, prevents release regression against 3.5.4
lp#994388: released on Fedora 17 and upstream (see also: bug 1103056)

A version including these patches is available at https://launchpad.net/~libreoffice/+archive/libreoffice-3-5?field.series_filter=precise for testing.

CVE References

description: updated
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libreoffice (Ubuntu):
status: New → Confirmed
Alusa (alusa) on 2012-08-15
tags: added: precise upgrade-software-version
Rolf Leggewie (r0lf) wrote :

Please do not forget to include the fix for bug 1071075

Mozaic (mozaic) wrote :

3.5.7 come 18 October 2012:
http://<email address hidden>/msg00135.html

summary: - [SRU] LibreOffice 3.5.6 for precise
+ [SRU] LibreOffice 3.5.7 for precise

Mozaic, please do not toggle the title.

Thank you for your understanding.

summary: - [SRU] LibreOffice 3.5.7 for precise
+ [SRU] LibreOffice 3.5.6 for precise
tekstr1der (tekstr1der) wrote :

@Mozaic: Have you opened a new bug regarding the SRU of LibreOffice 3.5.7 for precise?

It is available now in the 3.5.x stable ppa, but it would be really great to get it SRU'd into the repos.

Mozaic (mozaic) wrote :

@ tekstr1der (tekstr1der:
No, I create this bug: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1071407 and it's now duplicate of this one. That why i try to change title but penaver don't want.

I d'on't see that 3.5.7 is now here: https://launchpad.net/~libreoffice/+archive/libreoffice-3-5?field.series_filter=precise
I will try it.

"but it would be really great to get it SRU'd into the repos"

Yes, please test in the 3-5 ppa -- it makes it easier to argue this is a needed SRU when some people report it is used for some time without any observed regressions. Thanks.

summary: - [SRU] LibreOffice 3.5.6 for precise
+ [SRU] LibreOffice 3.5.7 for precise
tekstr1der (tekstr1der) wrote :

Thanks so much Björn for keeping the stable ppa up to date. This point release fixed a long-standing bug which was affecting me.

@ Mozaic - the 3.5.7 precise build is avaiable via the very link you provided. Perhaps you're having a browser caching issue? WFM.

Changed in libreoffice (Ubuntu):
importance: Undecided → High
Changed in libreoffice (Ubuntu Precise):
status: New → In Progress
importance: Undecided → High
information type: Public → Public Security

@Seb: The package should be waiting for uploading at the usual place.

Pilot6 (hanipouspilot) wrote :

And what about 64-bit versions? They never are built.

tekstr1der (tekstr1der) wrote :

@Pilot6 - The amd64 builds are available in the PPA mentioned in comment #6.

Here's the direct link to the (currently latest) .debs:

Mozaic (mozaic) wrote :

I don't find problem with 3.5.7 from this ppa

Mikael Hjelm (j-m-hjelm) wrote :

The build 350m1 fails to open large .doc files, it treats them as text. Is this the correct place to report.
System is Precise 12.04.1 amd64.
Smaller word files works fine.

Mozaic (mozaic) wrote :

A regression:

@ Mikael Hjelm could you test, it's a big file but with xls.

Mikael Hjelm (j-m-hjelm) wrote :

Mozaic, unfortunately i have to have this working and the ppa with the 3.6 version is broken for me so i had to try the libreoffice official release which opens the document just fine so i cannot put any more effort into this.
The failing word .doc file is 19.6 M if that helps any, it is unfortunately confidential info so i cannot add it as example.

@Mozaic, j-m-hjelm: Please check version 1:3.5.7-0ubuntu3~ppa1 from https://launchpad.net/~libreoffice/+archive/libreoffice-3-5?field.series_filter=precise

Removing CVE 2012-4233, which has been fixed by a minimal backport fix in 1:3.5.4-0ubuntu1.1 for precise.

description: updated
Mozaic (mozaic) wrote :

 1:3.5.7-0ubuntu3~ppa1 resolve Bug #1089473


Mozaic (mozaic) wrote :

I found another regression:
[Regression] LibreOffice 3.5.7 could not launch Fax Wizard: https://bugs.launchpad.net/ubuntu/+bug/1101799

FWIW #20 was found not to be a regression.

seems to be a upstream release regression in 3.5.7 that we need to fix.

Mozaic (mozaic) wrote :

Who is Meh ? Is it an english's Acronym ?

I don't reproduce https://bugs.freedesktop.org/show_bug.cgi?id=56281 in french interface.

@mozaic: sorry for using slang (http://www.urbandictionary.com/define.php?term=meh)

I had a report that with 3.5.7 there are tildes on some buttons in the print dialogs (in french). However, I indeed cant reproduce that here. I just asked the reporter for a screenshot.

Yep, bug 1103495 is reproducible but only in the german locale.

Fixed version uploaded to:

 and chinstrap.

a ppa-testbuild is running on:


This upload adds:
 bug 1103495: released on Fedora 17 and upstream, prevents release regression against 3.5.4
 bug 994388: released on Fedora 17 and upstream (see also: bug 110305)

- fdo#50415 now has a corrected launchpad reference
- cleaned up and simplified changelog:

description: updated

smoketested the ppa build, verified the two added fixes, looking good
note that the -ubuntu4 version is to also push out this to the users of the widely used libreoffice ppa, as the ubuntu version creeped up to ubuntu3 there.

ready for SRU.

description: updated
description: updated

Hello Björn, or anyone else affected,

Accepted libreoffice into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/libreoffice/1:3.5.7-0ubuntu4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in libreoffice (Ubuntu Precise):
status: In Progress → Fix Committed
tags: added: verification-needed
Bryan Quigley (bryanquigley) wrote :

lp#1097735: verified fixed
lp#1097748: verified fixed
lp#1097829: verified fixed
lp#1097966: working; was able to open doc
lp#1103495: verified fixed
lp#994388: verified fixed

Verification partially done...

Mozaic (mozaic) wrote :

[Regression] Libreoffice 3.5.7 could not read PDF Hybrid: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1118328

Sebastien Bacher (seb128) wrote :

@Mozaic: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1118328/comments/5 states

"Reproduce with LibreOffice Build ID: 350m1(Build:2) from Ubuntu Repositorie

Don't reproduce with
- Official LibreOffice Version ID : 3215f89-f603614-ab984f2-7348103-1225a5 on Ubuntu 12.04"

The current version in precise-updates is 1:3.5.4-0ubuntu1.1 though, not sure where the versions you listed are coming from. Is that a regression over the current precise build?

Mozaic (mozaic) wrote :

@ Sebastien Bacher : It's a regression over the the current LibreOffice build.

Sebastien Bacher (seb128) wrote :

I can't confirm that, the pdf you attached to the other bug open fine with the precise-proposed version. Is the issue an export or import one? Can you narrow the testcase?

Bryan Quigley (bryanquigley) wrote :

For bug 1118328:
I can confirm this is an issue on Ubuntu's LibreOffice 3.5.4 so it is not a regression for this 3.5.7 SRU.

Mozaic (mozaic) wrote :

For bug 1118328: It's a LibreOffice extension, by default inside the offical build given by TDF. I don't know that. The bug is resolved after add the package libreoffice-pdfimport
Sorry for the noise

Ryan Tandy (rtandy) wrote :

fdo#53883, which I believe corresponds to bug 1097710, affected 3.5.6-0ubuntu1 and 3.5.7-0ubuntu1~precise3 but is fixed in 3.5.7-0ubuntu4. Thanks for that!

The Lucid backport is still affected by that bug, so I hope it can be updated at some point (I guess after this hits precise-updates). I backported 3.5.7-0ubuntu4 to Lucid myself and verified that it fixes it. Should I report that somewhere else for tracking?

I have been testing using a document from fdo#53883: https://bugs.freedesktop.org/attachment.cgi?id=70712

Verified also with the spreadsheet Mozaic posted in bug 1089473, on Precise and Lucid.

Thanks for your work!

No known issue with this version, marking as verification-done as discussed on #ubuntu-desktop.

tags: added: verification-done
removed: verification-needed
Mozaic (mozaic) wrote :

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libreoffice - 1:3.5.7-0ubuntu4

libreoffice (1:3.5.7-0ubuntu4) precise; urgency=low

  [Nobuto MURATA]
  * debian/patches/improve-faux-bold-font.patch: added
    - cherry-picked from upstream
    - improve rendering of the "faux bold" font on Impress
      presentation (LP: #585910).

  [Bjoern Michaelsen]
  * remove upstreamed security fix for CVE-2012-2665
  * moved to upstream 3.5.7 rc2 = final release
    - rhbz#799628 related: crash with chewing-IM with g3g [Caolán McNamara]
    - fdo#50415 and Fix Shortcut names are not localized on Linux [Thomas Arnhold]
    - fdo#35372: master text styles show up on actual slides
  * backport SdModule::GetSdOptions: Process /usr/lib64/libreoffice/program/soffice.bin was killed by signal 11 (SIGSEGV)
  * backport crash when scrolling in multiselection in slide sorter
  * backport multi-threaded XIOError segv
  * backport GetSdrPageView() might return NULL
  * backport Writer crashed while editing a table
  * backport Objects anchored to cell wrongly positionned to A1
  * backport Do not move nCurUndoAction < 0
  * backport Do not check the stored DIFAT sector count
  * backport Enable NPP_Initialize/Shutdown again
  * backport torn off popups trigger keyboard focus problems
  * backport a11y: call doShow after we have a valid view
  * backport Clipboard must be disposed before Selection
  * backport fix default hori/vert frame anchor during RTF import
  * backport Load Java scripts with class loaders
  * backport Do not consider timestamp differences as corruption
  * backport sw: better fix for DOCX table import crash
  * backport crash in SwXTextDocument::getRendererCount
  * backport STG_FREE sector locations rejected
  * backport fix crash following delete at last table cell
  * backport restrict page sanity check to non-storage chunks
  * backport prevent crashes after incomplete print
  * backport set correct paper tray in UI
  * backport German OK and Cancel buttons show ~
  * final upstream bugfix release -- SRU for precise (LP: #1037111)
 -- Bjoern Michaelsen <email address hidden> Wed, 23 Jan 2013 10:49:35 +0100

Changed in libreoffice (Ubuntu Precise):
status: Fix Committed → Fix Released


Changed in libreoffice (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.