lp:ubuntu/gutsy-security/koffice
- Get this branch:
- bzr branch lp:ubuntu/gutsy-security/koffice
Branch merges
Branch information
Recent revisions
- 36. By Kees Cook
-
* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/ 40_pdf2- embedded- font-fixes. diff: stronger type-checking
added.
* References
CVE-2008-1693 - 35. By Jonathan Riddell
-
* SECURITY UPDATE: multiple xpdf based vulnerabilities
* Remotely supplied pdf files can be used to disrupt the koffice PDF
import filter on the client machine and possibly execute arbitrary code.
* Add debian/patches/ kubuntu_ 02_xpdf2- CVE-2007- 4352-5392- 5393.diff
edits filters/kword/pdf/ xpdf/xpdf/ Stream. cc and .h
* References
CVE-2007-4352
CVE-2007-5392
CVE-2007-5393
http://www.kde. org/info/ security/ advisory- 20071107- 1.txt - 34. By Steve Kowalik
-
* Rebuild for the libpoppler1 -> libpopper2 transistion.
* Munge Maintainer field as per spec. - 32. By Jonathan Riddell
-
* SECURITY UPDATE: xpdf buffer overflow
kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
a vulnerability that can cause a stack based buffer overflow
via a PDF file that exploits an integer overflow in
StreamPredictor::StreamPredi ctor().
* Add kubuntu_01_xpdf- CVE-2007- 3387.diff
fixes input data check in kpdf/xpdf/xpdf/Stream. cc
* References
http://www.kde. org/info/ security/ advisory- 20070730- 1.txt
CVE-2007-3387 - 29. By Jonathan Riddell
-
* Merge with Debian, remaining changes:
- don't build-dep on libpqxx-dev or graphicsmagick, in universe
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/koffice