Comment 9 for bug 2044019

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libreoffice - 4:7.6.4-0ubuntu0.23.10.1

---------------
libreoffice (4:7.6.4-0ubuntu0.23.10.1) mantic-security; urgency=medium

  * New upstream release (LP: #2044019)
  * SECURITY UPDATE: Improper input validation enabling arbitrary Gstreamer
    pipeline injection
    - CVE-2023-6185
  * SECURITY UPDATE: Link targets allow arbitrary script execution
    - CVE-2023-6186

  [ Rico Tzschichholz ]
  * debian/patches/fix-arm64-tests.diff:
    - Dropped while it got fixed upsteam
  * debian/patches/fix-armhf-linker.diff:
    - Included upsteam now
  * Update replace-source-sans-in-templates.diff

  [ Rene Engelhard ]
  * debian/rules:
    - readd fonts-crosextra-caladea build-dep; Cambria usage is back
    - re-enable cmis; bump libcmis build-dep to >= 0.6.1
  * debian/control.in:
    - duplicate Replaces: as Breaks: in -uiconfig-*
  * Update patches/we-dont-have-the-needed-fonts.diff and
    patches/adapt-for-new-carlito.diff

 -- Rico Tzschichholz <email address hidden> Thu, 07 Dec 2023 22:10:12 +0100