desktop-packages team mailing list archive

Thread
Date

[Bug 1380711] Re: security CVE 2014-3575

To: desktop-packages@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1380711@xxxxxxxxxxxxxxxxxx>
Date: Mon, 10 Nov 2014 15:37:44 -0000
Reply-to: Bug 1380711 <1380711@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package libreoffice - 1:3.5.7-0ubuntu7

---------------
libreoffice (1:3.5.7-0ubuntu7) precise-security; urgency=medium

  * SECURITY UPDATE: fix OLE objects (LP: #1380711)
    - CVE-2014-3575
  * disable external mozilla header to fix FTBFS
 -- Bjoern Michaelsen <bjoern.michaelsen@xxxxxxxxxxxxx>   Wed, 22 Oct 2014 16:11:30 +0200

** Changed in: libreoffice (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/1380711

Title:
  security CVE 2014-3575

Status in “libreoffice” package in Ubuntu:
  Fix Released

Bug description:
  dear mantainers, as you can see here
  http://www.securitytracker.com/id/1030804, libreoffice earlier than
  4.2.6 secfix1 is vulnerable, as apache openoffice earlier than 4.1.1
  to CVE 2014-3575, if i understan correctly the report.

  thank's for you work.
  best regards
  Tiziano Casavecchia

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1380711/+subscriptions

References

[Bug 1380711] [NEW] security CVE 2014-3575
From: tiziano.casavecchia, 2014-10-13