Ubuntu
koffice package

lp:ubuntu/edgy-security/koffice

Edgy (6.10)
edgy-security

Created by James Westby on 2009-06-27 and last modified on 2009-06-27

Get this branch:: bzr branch lp:ubuntu/edgy-security/koffice

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

26. By Kees Cook on 2008-04-15: * SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
added.
* References
CVE-2008-1693
25. By Jonathan Riddell on 2007-11-07: * SECURITY UPDATE: multiple xpdf based vulnerabilities
* Remotely supplied pdf files can be used to disrupt the koffice PDF
  import filter on the client machine and possibly execute arbitrary code.
* Add debian/patches/kubuntu_08_xpdf2-CVE-2007-4352-5392-5393.diff
  edits filters/kword/pdf/xpdf/xpdf/Stream.cc and .h
* References
  CVE-2007-4352
  CVE-2007-5392
  CVE-2007-5393
  http://www.kde.org/info/security/advisory-20071107-1.txt
24. By Jonathan Riddell on 2007-08-02: * SECURITY UPDATE: xpdf buffer overflow
  kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
  a vulnerability that can cause a stack based buffer overflow
  via a PDF file that exploits an integer overflow in
  StreamPredictor::StreamPredictor().
* Add kubuntu_01_xpdf-CVE-2007-3387.diff
  fixes input data check in kpdf/xpdf/xpdf/Stream.cc
* References
  http://www.kde.org/info/security/advisory-20070730-1.txt
  CVE-2007-3387
23. By Jonathan Riddell on 2007-01-15: * SECURITY UPDATE: kpdf/kword/xpdf denial of service vulnerability
* kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
  a vulnerability that can cause denial of service (infinite loop)
  via a PDF file that contains a crafted catalog dictionary
  or a crafted Pages attribute that references an invalid page
  tree node.
* Add kubuntu_07_xpdf_vulnerability.diff
* References:
  http://www.kde.org/info/security/advisory-20070115-1.txt
  CVE-2007-0104
22. By Jonathan Riddell on 2006-07-11: Remove build-dep on libpqxx-dev
21. By Jonathan Riddell on 2006-07-10: New upstream release
20. By Jonathan Riddell on 2006-07-06: * Sync with Debian
* Add debian/patches/common/kubuntu_01_kdepot.diff
19. By Jonathan Riddell on 2006-05-24: * SECURITY UPDATE: Potential arbitrary code execution.
* Add debian/patches/kubuntu_07_xpdf_vulnerability.diff:
  - xpdf/JBIG2Stream.cc, xpdf/Stream.h, splash/SplashXPathScanner.cc: Fix
    various integer overflows.
  - Upstream patch from Derek Noonburg.
* CVE-2006-1244
18. By Daniel Holbach on 2006-05-21: * debian/cdbs/kde.mk:
- added dh_iconcache.
17. By Luka Renko on 2006-05-10: * Add kubuntu_04_num_locale.patch (backport from 1.5.1) to fix numeric
  values breaking file compatibility with OpenOffice.org (Malone #43887)
* Add kubuntu_05_kword_skim.patch (backport from 1.5.1) to fix skim
  input method in KWord (Malone #39753)
* Add kubuntu_06_kword_accent.patch (backport from 1.5.1) to fix accent
  characters in KWord (Malone #41718)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/koffice

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntukoffice package