Ubuntu
koffice package

lp:ubuntu/feisty-security/koffice

Feisty (7.04)
feisty-security

Created by James Westby on 2009-06-27 and last modified on 2009-06-27

Get this branch:: bzr branch lp:ubuntu/feisty-security/koffice

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

30. By Kees Cook on 2008-04-15: * SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
added.
* References
CVE-2008-1693
29. By Jonathan Riddell on 2007-11-07: * SECURITY UPDATE: multiple xpdf based vulnerabilities
* Remotely supplied pdf files can be used to disrupt the koffice PDF
  import filter on the client machine and possibly execute arbitrary code.
* Add debian/patches/kubuntu_02_xpdf2-CVE-2007-4352-5392-5393.diff
  edits filters/kword/pdf/xpdf/xpdf/Stream.cc and .h
* References
  CVE-2007-4352
  CVE-2007-5392
  CVE-2007-5393
  http://www.kde.org/info/security/advisory-20071107-1.txt
28. By Jonathan Riddell on 2007-08-02: * SECURITY UPDATE: xpdf buffer overflow
  kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
  a vulnerability that can cause a stack based buffer overflow
  via a PDF file that exploits an integer overflow in
  StreamPredictor::StreamPredictor().
* Add kubuntu_01_xpdf-CVE-2007-3387.diff
  fixes input data check in kpdf/xpdf/xpdf/Stream.cc
* References
  http://www.kde.org/info/security/advisory-20070730-1.txt
  CVE-2007-3387
* Add build-dep on libcairo2-dev due to poppler bug
27. By Jonathan Riddell on 2007-02-13: New upstream release
26. By Jonathan Riddell on 2007-01-15: * SECURITY UPDATE: kpdf/kword/xpdf denial of service vulnerability
* kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
  a vulnerability that can cause denial of service (infinite loop)
  via a PDF file that contains a crafted catalog dictionary
  or a crafted Pages attribute that references an invalid page
  tree node.
* Add kubuntu_07_xpdf_vulnerability.diff
* References:
  http://www.kde.org/info/security/advisory-20070115-1.txt
  CVE-2007-0104
25. By Matthias Klose on 2007-01-14: Rebuild for python2.5 as the default python version.
24. By Jonathan Riddell on 2006-11-21: * New upstream release
* Add build-depends on libexif-dev, libpoppler-qt-dev
* Remove 13_krita_fill_tablet.diff, 15_krita_tablet_stylus.diff
and 17_krita_color_range_crash.diff applied upstream
23. By Jonathan Riddell on 2006-11-17: Merge with Debian
22. By Jonathan Riddell on 2006-07-11: Remove build-dep on libpqxx-dev
21. By Jonathan Riddell on 2006-07-10: New upstream release

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/koffice

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntukoffice package