From 94d68ba907e662f1daff89a8bd24a9f29c859dea Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 3 Jun 2024 17:48:28 +0200 Subject: Adding debian version 1:7.0.4-4+deb11u9. Signed-off-by: Daniel Baumann --- debian/changelog | 8 ++++++++ debian/patches/add-notify-for-script-use.diff | 27 +++++++++++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 36 insertions(+) create mode 100644 debian/patches/add-notify-for-script-use.diff diff --git a/debian/changelog b/debian/changelog index e4a85395b..54de74101 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +libreoffice (1:7.0.4-4+deb11u9) bullseye-security; urgency=high + + * debian/patches/add-notify-for-script-use.diff: add fix for + CVE-2024-3044 ("Graphic on-click binding allows unchecked script + execution") + + -- Rene Engelhard Mon, 01 Apr 2024 11:06:03 +0200 + libreoffice (1:7.0.4-4+deb11u8) bullseye-security; urgency=high * debian/patches/escape-url-passed-to-gstreamer.diff: add from diff --git a/debian/patches/add-notify-for-script-use.diff b/debian/patches/add-notify-for-script-use.diff new file mode 100644 index 000000000..6d5b4f042 --- /dev/null +++ b/debian/patches/add-notify-for-script-use.diff @@ -0,0 +1,27 @@ +From 8b2402b16df185119c91222b33ff1b8d55e0afe4 Mon Sep 17 00:00:00 2001 +From: Caolán McNamara +Date: Wed, 27 Mar 2024 17:07:20 +0000 +Subject: add notify for script use + +Change-Id: I84af197cec7755f6803a578e1e21c03966ad5f3e +Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165412 +Tested-by: Jenkins +Reviewed-by: Xisco Fauli +--- + xmloff/source/draw/eventimp.cxx | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/xmloff/source/draw/eventimp.cxx b/xmloff/source/draw/eventimp.cxx +index 2b8921ee27fa..2a6ce1fa2381 100644 +--- a/xmloff/source/draw/eventimp.cxx ++++ b/xmloff/source/draw/eventimp.cxx +@@ -210,6 +210,9 @@ SdXMLEventContext::SdXMLEventContext( SvXMLImport& rImp, + + if( maData.mbValid ) + maData.mbValid = !sEventName.isEmpty(); ++ ++ if (!maData.msMacroName.isEmpty()) ++ rImp.NotifyMacroEventRead(); + } + + SvXMLImportContextRef SdXMLEventContext::CreateChildContext( sal_uInt16 nPrefix, const OUString& rLocalName, const Reference< XAttributeList>& xAttrList ) diff --git a/debian/patches/series b/debian/patches/series index 1e2a8909c..acff7ef0c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -76,3 +76,4 @@ ignore-LO-special-purpose-hyperlinks-per-default.diff reuse-AllowedLinkProtocolFromDocument-1.diff reuse-AllowedLinkProtocolFromDocument-2.diff work-around-expired-certificiate-in-test.diff +add-notify-for-script-use.diff -- cgit v1.2.3