summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-03 13:52:59 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-03 13:52:59 +0000
commitee4e894e50634004b41321a6714fdaffc44aa362 (patch)
tree64e1ccca7e41f58d5fd3845899c4f60e1e9387a1
parentAdding debian version 4:7.4.7-1+deb12u1. (diff)
downloadlibreoffice-ee4e894e50634004b41321a6714fdaffc44aa362.tar.xz
libreoffice-ee4e894e50634004b41321a6714fdaffc44aa362.zip
Adding debian version 4:7.4.7-1+deb12u2.debian/4%7.4.7-1+deb12u2debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r--debian/changelog8
-rw-r--r--debian/patches/add-notify-for-script-use.diff30
-rw-r--r--debian/patches/series1
3 files changed, 39 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index a2e78a5a9..548eac75d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+libreoffice (4:7.4.7-1+deb12u2) bookworm-security; urgency=high
+
+ * debian/patches/add-notify-for-script-use.diff: add fix for
+ CVE-2024-3044 ("Graphic on-click binding allows unchecked script
+ execution")
+
+ -- Rene Engelhard <rene@debian.org> Mon, 01 Apr 2024 11:05:27 +0200
+
libreoffice (4:7.4.7-1+deb12u1) bookworm-security; urgency=high
* debian/patches/escape-url-passed-to-gstreamer.diff: add from
diff --git a/debian/patches/add-notify-for-script-use.diff b/debian/patches/add-notify-for-script-use.diff
new file mode 100644
index 000000000..e5751ec90
--- /dev/null
+++ b/debian/patches/add-notify-for-script-use.diff
@@ -0,0 +1,30 @@
+From 8b2402b16df185119c91222b33ff1b8d55e0afe4 Mon Sep 17 00:00:00 2001
+From: Caolán McNamara <caolan.mcnamara@collabora.com>
+Date: Wed, 27 Mar 2024 17:07:20 +0000
+Subject: add notify for script use
+
+Change-Id: I84af197cec7755f6803a578e1e21c03966ad5f3e
+Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165412
+Tested-by: Jenkins
+Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
+---
+ xmloff/source/draw/eventimp.cxx | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/xmloff/source/draw/eventimp.cxx b/xmloff/source/draw/eventimp.cxx
+index 2b8921ee27fa..2a6ce1fa2381 100644
+--- a/xmloff/source/draw/eventimp.cxx
++++ b/xmloff/source/draw/eventimp.cxx
+@@ -210,6 +210,9 @@ SdXMLEventContext::SdXMLEventContext( SvXMLImport& rImp,
+
+ if( maData.mbValid )
+ maData.mbValid = !sEventName.isEmpty();
++
++ if (!maData.msMacroName.isEmpty())
++ rImp.NotifyMacroEventRead();
+ }
+
+ css::uno::Reference< css::xml::sax::XFastContextHandler > SdXMLEventContext::createFastChildContext(
+--
+cgit v1.2.3
+
diff --git a/debian/patches/series b/debian/patches/series
index c77a6efcb..b68839fd7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -58,3 +58,4 @@ ignore-LO-special-purpose-hyperlinks-per-default.diff
reuse-AllowedLinkProtocolFromDocument-1.diff
reuse-AllowedLinkProtocolFromDocument-2.diff
work-around-expired-certificiate-in-test.diff
+add-notify-for-script-use.diff