Vulnerability in the libreoffice software package

  • OS details: FED
  • Importance: IMP
  • Operating systems: L
  • Categories: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2014-7679
2014-06-24 22:29:17
——————————————————————————–

Name : libreoffice
Product : Fedora 19
Version : 4.1.6.2
Release : 7.fc19
URL : http://www.libreoffice.org/default/
Summary : Free Software Productivity Suite
Description :
LibreOffice is an Open Source, community-developed, office productivity suite.
It includes the key desktop applications, such as a word processor,
spreadsheet, presentation manager, formula editor and drawing program, with a
user interface and feature set similar to other office suites. Sophisticated
and flexible, LibreOffice also works transparently with a variety of file
formats, including Microsoft Office File Formats.

——————————————————————————–
Update Information:

This update fixes CVE-2014-0247 which allowed for unconditional execution of VBA macros when opening certain documents.
——————————————————————————–
ChangeLog:

* Tue Jun 24 2014 Stephan Bergmann <sbergman@redhat.com> – 1:4.1.6.2-7
– Resolves: rhbz#1112450 CVE-2014-0247 VBA macros executed unconditionally
* Wed Jun 11 2014 Caolán McNamara <caolanm@redhat.com> – 1:4.1.6.2-6
– Resolves: rhbz#1107340 crash in styles and formatting in impress
* Mon Jun 9 2014 David Tardon <dtardon@redhat.com> – 1:4.1.6.2-5
– Resolves: rhbz#1105376 FlatODF import/export does not work unless
libreoffice-xsltfilter is installed
* Wed May 28 2014 Eike Rathke <erack@redhat.com> – 1:4.1.6.2-4
– Resolves: fdo#70455 loading .xlsx some formulas with range operator are corrupted
* Tue May 27 2014 Caolán McNamara <caolanm@redhat.com> – 1:4.1.6.2-3
– Resolves: rhbz#1084822 Pictures Replaced With Placeholder After Save, Close & Re-Open.
* Tue May 6 2014 Eike Rathke <erack@redhat.com> – 1:4.1.6.2-2
– Resolves: fdo#78294 default null-date for document import is 1899-12-30
– Resolves: fdo#76663 let’s not skip the first element of a matrix in PRODUCT
* Tue Apr 29 2014 David Tardon <dtardon@redhat.com> – 1:4.1.6.2-1
– new upstream release
* Sat Mar 15 2014 Caolán McNamara <caolanm@redhat.com> – 1:4.1.5.3-7
– Related: rhbz#1076264 intermittent a11y crash in calc
* Mon Mar 10 2014 Michael Stahl <mstahl@redhat.com> – 1:4.1.5.3-6
– Resolves: rhbz#988516: DOCX import: fix context stack when importing header
– Resolves: fdo#65655: Different_Odd_And_Even_Pages flag ignored
– RTF import: fix nested tables
– RTF import: import field parameters
* Fri Mar 7 2014 David Tardon <dtardon@redhat.com> – 1:4.1.5.3-5
– fix build on s390
* Tue Mar 4 2014 Caolán McNamara <caolanm@redhat.com> – 1:4.1.5.3-4
– Related: rhbz#1065807 search for “wizards” in the different template dirs
* Mon Mar 3 2014 Caolán McNamara <caolanm@redhat.com> – 1:4.1.5.3-3
– Resolves: rhbz#1065807 search XDG defined “Templates”
– Resolves: rhbz#1057977 do not crash when fonts are updated
– Resolves: rhbz#1007697 Update on a Window deletes itself
* Tue Feb 18 2014 David Tardon <dtardon@redhat.com> – 1:4.1.5.3-2
– Resolves: rhbz#1065925 [abrt] libreoffice-core: Divide(): soffice.bin killed
by SIGFPE
* Tue Feb 11 2014 David Tardon <dtardon@redhat.com> – 1:4.1.5.3-1
– new upstream release 4.1.5
* Thu Jan 30 2014 David Tardon <dtardon@redhat.com> – 1:4.1.4.2-6
– split LibreLogo into a separate subpackage
– create a metapackage depending on all subpackages containing filters,
for use of packages like unoconv
– Resolves: rhbz#1050162 don’t draw to NULL window
– Resolves: rhbz#1017379 libreoffice impress imports animated motion paths
incorrectly from powerpoint
– Resolves: fdo#33852 Custom animation (Motionpath Left) isn’t being
imported correctly from .ppt
* Thu Jan 23 2014 David Tardon <dtardon@redhat.com> – 1:4.1.4.2-5
– Related: rhbz#1047017 actually apply the patch
* Mon Jan 13 2014 Caolán McNamara <caolanm@redhat.com> – 1:4.1.4.2-4
– Resolves: rhbz#1038176 fix crash in loading certain charts
– Related: rhbz#1047871 conditional formatting doesn’t fix on screen
* Tue Jan 7 2014 David Tardon <dtardon@redhat.com> – 1:4.1.4.2-3
– Resolves: rhbz#1047017 All the selected toolbars became unselected
coming out from the full screen option
* Wed Dec 18 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.4.2-2
– Resolves: rhbz#1040708 rebuild against new libstdc++ to fix std::nth_element
* Mon Dec 16 2013 David Tardon <dtardon@redhat.com> – 1:4.1.4.2-1
– update to 4.1.4
– Related: rhbz#1039517 Malayalam short-cut keys are unavailable
* Thu Dec 12 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.3.2-12
– make dragging and dropping slides stop crashing
* Tue Dec 10 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.3.2-11
– Resolves: rhbz#1039902 Corrected connector layout after reload
* Wed Dec 4 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.3.2-10
– Resolves: rhbz#912529 Kerkis SmallCaps shown instead of Kerkis Regular
– Resolves: rhbz#1038189 refresh printer list when print dialog launched
* Tue Dec 3 2013 David Tardon <dtardon@redhat.com> – 1:4.1.3.2-9
– rhbz#1000893 do not pull in unneeded packages
* Wed Nov 27 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.3.2-8
– Related: rhbz#1032774 bodge around reported NULL
– Resolves: rhbz#1030009 SwXTextDocument crash at exit
– Resolves: rhbz#1035092 no shortcut key for Italian ‘Tools’ menu
* Fri Nov 22 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.3.2-7
– Resolves: rhbz#958300 fix GTK non Latin keyboard layout shortcuts
– Resolves: rhbz#977068 fix qt/kde crash
* Thu Nov 21 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.3.2-6
– Resolves: rhbz#1008102 Revert transpose data in rows ranges
– Resolves: rhbz#1031174 suspicious input handler crashes
* Wed Nov 20 2013 Stephan Bergmann <sbergman@redhat.com> – 1:4.1.3.2-5
– Resolves: rhbz#1031989 Accept --pt in addition to deprecated -pt
– Related: rhbz#1014990 valgrind reports uninitialized variables
* Sun Nov 3 2013 David Tardon <dtardon@redhat.com> – 1:4.1.3.2-4
– adapt for libmwaw 0.2
* Thu Oct 31 2013 David Tardon <dtardon@redhat.com> – 1:4.1.3.2-3
– Resolves: fdo#56209 reviving FilterFormulaParser
* Thu Oct 31 2013 Stephan Bergmann <sbergman@redhat.com> – 1:4.1.3.2-2
– Resolves: fdo#67725 unoidl::AggregatingCursor must wrap modules for aggregation
– Resolves: rhbz#1021915 force menubar menus to be up/down only
– Resolves: rhbz#1025201 Incorrect rendering of Devanagari short i
* Wed Oct 23 2013 David Tardon <dtardon@redhat.com> – 1:4.1.3.2-1
– 4.1.3 rc2
– Resolves: rhbz#1022094 libreoffice-4.1.3.1-1 was built without
langpacks
* Mon Oct 21 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.3.1-2
– Resolves: rhbz#1020712 wrong default CTL font shown in editengine
– Resolves: rhbz#919070 display -1 means span all screens
* Wed Oct 16 2013 David Tardon <dtardon@redhat.com> – 1:4.1.3.1-1
– 4.1.3 rc1
* Mon Oct 7 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.2.3-4
– Resolves: rhbz#1001768: fix various a11y deadlocks and crashes
– Resolves: rhbz#1016022 fix cut from impress and paste to writer
– Resolves: rhbz#1003179 fix AUTOFMT related crashes in Writer Undo
* Mon Oct 7 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.2.3-3
– Resolves: rhbz#1015281 crash on clicking custom animation
– Resolves: rhbz#996162 crash with no bullet font
* Wed Oct 2 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.2.3-2
– Resolves: rhbz#1013480 crash in EditLineList::operator[]
– Resolves: rhbz#1014010 crash on start up
– Resolves: rhbz#1013844 encrypted OOo 1.0 files don’t reopen
* Mon Sep 30 2013 David Tardon <dtardon@redhat.com> – 1:4.1.2.3-1
– 4.1.2 rc3
* Fri Sep 20 2013 David Tardon <dtardon@redhat.com> – 1:4.1.2.2-1
– 4.1.2 rc2
* Tue Sep 17 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.1.2-5
– Resolves: rhbz#988104 crash in certain pptx
– Resolves: rhbz#1008248 Writer Chinese Conversion crash
* Thu Sep 12 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.1.2-4
– Resolves: rhbz#1006850 crash in SwCommentRuler
* Tue Sep 3 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.1.2-3
– Resolves: rhbz#993963 NULL m_pWindow on firefox close plugin window
* Fri Aug 23 2013 Stephan Bergmann <sbergman@redhat.com> – 1:4.1.1.2-2
– Resolves: rhbz#1000150, Do not call exit upon XIOError
* Thu Aug 22 2013 David Tardon <dtardon@redhat.com> – 1:4.1.1.2-1
– 4.1.1 rc2
– Related: rhbz#895690 Always try to do a mount when opening a file via GIO
– Resolves: rhbz#998136 wrong index to gWidgetData
– Resolves: rhbz#998046 store last size/position of the base windows
* Mon Aug 19 2013 Marek Kasik <mkasik@redhat.com> – 1:4.1.1.1-2
– Rebuild (poppler-0.24.0)
* Fri Aug 9 2013 David Tardon <dtardon@redhat.com> – 1:4.1.1.1-1
– 4.1.1 rc1
* Fri Aug 9 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.0.4-6
– Resolves: fdo#67743 user autocorr file not written
* Tue Jul 30 2013 Stephan Bergmann <sbergman@redhat.com> – 1:4.1.0.4-5
– Resolves: rhbz#989246 Honor user’s JavaDriverClass override in mysql driver
– Resolves: fdo#67045 fix several nasty screen selection issues
* Tue Jul 30 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.0.4-4
– Resolves: rhbz#989686 Fix crash with stripping whitespace from toc entries
* Mon Jul 29 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.4-3
– make libwpd-based filters work correctly with newest libwpd
* Sun Jul 28 2013 Petr Machata <pmachata@redhat.com> – 1:4.1.0.4-2
– Rebuild for boost 1.54.0
* Wed Jul 24 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.4-1
– 4.1.0 rc4
* Mon Jul 22 2013 Eike Rathke <erack@redhat.com> – 1:4.1.0.3-2
– force rebuild with icu-50.1.2-7
* Thu Jul 18 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.3-1
– 4.1.0 rc3
– Resolves: fdo#48835 GNOME3 app menu
* Thu Jul 18 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.0.2-5
– silence scary gcc warning
– fdo#66924 switching to master view is broken
* Tue Jul 16 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.2-4
– bump release
* Fri Jul 12 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.2-3
– Resolves: rhbz#983809 libreoffice-base misses deps on needed java packages
* Thu Jul 11 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.2-2
– Resolves: rhbz#980387 Exporting a odg to jpg or tiff generates error
* Thu Jul 4 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.2-1
– 4.1.0 rc2
* Mon Jul 1 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.0.1-8
– Resolves: rhbz#979758 crash on Diagrammen in LibreOffice help page
* Thu Jun 27 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.1-7
– bump revision
* Mon Jun 24 2013 Marek Kasik <mkasik@redhat.com> – 1:4.1.0.1-6
– Rebuild (poppler-0.22.5)
* Mon Jun 24 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.1-5
– fix build on big endian archs
* Mon Jun 24 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.1-4
– put glade catalog into an extra package
* Sun Jun 23 2013 Caolán McNamara <caolanm@redhat.com> – 1:4.1.0.1-3
– Resolves: rhbz#976304 gallery elements may not insert
* Wed Jun 19 2013 Dennis Gilmore <dennis@ausil.us> – 1:4.1.0.1-2
– fix _smp_mflags macro usage
* Wed Jun 19 2013 David Tardon <dtardon@redhat.com> – 1:4.1.0.1-1
– 4.1.0 rc1
– Related: rhbz#971321 failing tests on ppc and s390
——————————————————————————–
References:

[ 1 ] Bug #1111083 – CVE-2014-0247 libreoffice: VBA macros executed unconditionally
https://bugzilla.redhat.com/show_bug.cgi?id=1111083
——————————————————————————–

This update can be installed with the "yum" update program. Use
su -c 'yum update libreoffice' at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Author: Tomislav Protega
Cert ID: NCERT-REF-2014-07-0004-ADV
CVE: CVE-2014-0247
Source ID: FEDORA-2014-7679
Product: libreoffice
Source: http://www.redhat.com