[SRU] Prevent DoS via OOXML

Bug #1316243 reported by Björn Michaelsen on 2014-05-05
Affects: libreoffice (Ubuntu); Importance: Undecided; Assigned to: Björn Michaelsen
Affects: Precise; Importance: Undecided; Assigned to: Unassigned

Bug Description

LibreOffice 3.5.x allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.

SRU data:

[Impact]

 * DoS/application termination upon opening crafted file

[Test Case]

 * none

[Regression Potential]

 * patch affects only OOXML filters for Writer
 * change is in all upstream LibreOffice releases since 3.6.7/4.0.4, so regression potential is low
 * patch has been considered fine by the security team

[Other Info]
 * none

CVE References

description: updated
description: updated
Changed in libreoffice (Ubuntu):
assignee: nobody → Björn Michaelsen (bjoern-michaelsen)
summary: - Prevent DoS via OOXML
+ [SRU] Prevent DoS via OOXML

Attaching the debdiff vs. -0ubuntu5 for SRU.

Changed in libreoffice (Ubuntu):
status: New → Fix Released
Changed in libreoffice (Ubuntu Precise):
status: New → In Progress

Hello Björn, or anyone else affected,

Accepted libreoffice into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/libreoffice/1:3.5.7-0ubuntu6 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us in getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in libreoffice (Ubuntu Precise):
status: In Progress → Fix Committed
tags: added: verification-needed
Steve Langasek (vorlon) wrote :

Hello Björn, or anyone else affected,

Accepted libreoffice into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/libreoffice/1:3.5.7-0ubuntu6.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us in getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-done
removed: verification-needed

The verification of the Stable Release Update for libreoffice has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libreoffice - 1:3.5.7-0ubuntu6.1

---------------
libreoffice (1:3.5.7-0ubuntu6.1) precise; urgency=medium

  * guard symlink change for special cased platforms

libreoffice (1:3.5.7-0ubuntu6) precise; urgency=low

  [ Ritesh Khadgaray ]
  * fix symlink permissions (LP: #1200277)

  [ Bjoern Michaelsen ]
  * add OOXML fix (LP: #1316243)
  * drop unused and upstreamed patches:
    - lp-1194740-fdo-50304-fix-xls-row-height-again.diff
    - lp-1194740-fdo-51878-fix-regression-of-size-ballooning.diff
 -- Bjoern Michaelsen <email address hidden> Thu, 08 May 2014 23:48:13 +0200

Changed in libreoffice (Ubuntu Precise):
status: Fix Committed → Fix Released