|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2014-7679 (libreoffice)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 19 Update: libreoffice-4.1.6.2-7.fc19 


Date:
    	      Thu, 03 Jul 2014 04:07:45 +0000


Message-ID:
    	      <20140703040745.57C36215B1@bastion01.phx2.fedoraproject.org>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-7679
2014-06-24 22:29:17
--------------------------------------------------------------------------------

Name        : libreoffice
Product     : Fedora 19
Version     : 4.1.6.2
Release     : 7.fc19
URL         : http://www.libreoffice.org/default/
Summary     : Free Software Productivity Suite
Description :
LibreOffice is an Open Source, community-developed, office productivity suite.
It includes the key desktop applications, such as a word processor,
spreadsheet, presentation manager, formula editor and drawing program, with a
user interface and feature set similar to other office suites.  Sophisticated
and flexible, LibreOffice also works transparently with a variety of file
formats, including Microsoft Office File Formats.

--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2014-0247 which allowed for unconditional execution of VBA macros when
opening certain documents.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 24 2014 Stephan Bergmann <sbergman@redhat.com> - 1:4.1.6.2-7
- Resolves: rhbz#1112450 CVE-2014-0247 VBA macros executed unconditionally
* Wed Jun 11 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.1.6.2-6
- Resolves: rhbz#1107340 crash in styles and formatting in impress
* Mon Jun  9 2014 David Tardon <dtardon@redhat.com> - 1:4.1.6.2-5
- Resolves: rhbz#1105376 FlatODF import/export does not work unless
  libreoffice-xsltfilter is installed
* Wed May 28 2014 Eike Rathke <erack@redhat.com> - 1:4.1.6.2-4
- Resolves: fdo#70455 loading .xlsx some formulas with range operator are corrupted
* Tue May 27 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.1.6.2-3
- Resolves: rhbz#1084822 Pictures Replaced With Placeholder After Save, Close & Re-Open.
* Tue May  6 2014 Eike Rathke <erack@redhat.com> - 1:4.1.6.2-2
- Resolves: fdo#78294 default null-date for document import is 1899-12-30
- Resolves: fdo#76663 let's not skip the first element of a matrix in PRODUCT
* Tue Apr 29 2014 David Tardon <dtardon@redhat.com> - 1:4.1.6.2-1
- new upstream release
* Sat Mar 15 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.1.5.3-7
- Related: rhbz#1076264 intermittent a11y crash in calc
* Mon Mar 10 2014 Michael Stahl <mstahl@redhat.com> - 1:4.1.5.3-6
- Resolves: rhbz#988516: DOCX import: fix context stack when importing header
- Resolves: fdo#65655: Different_Odd_And_Even_Pages flag ignored
- RTF import: fix nested tables
- RTF import: import field parameters
* Fri Mar  7 2014 David Tardon <dtardon@redhat.com> - 1:4.1.5.3-5
- fix build on s390
* Tue Mar  4 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.1.5.3-4
- Related: rhbz#1065807 search for "wizards" in the different template dirs
* Mon Mar  3 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.1.5.3-3
- Resolves: rhbz#1065807 search XDG defined "Templates"
- Resolves: rhbz#1057977 do not crash when fonts are updated
- Resolves: rhbz#1007697 Update on a Window deletes itself
* Tue Feb 18 2014 David Tardon <dtardon@redhat.com> - 1:4.1.5.3-2
- Resolves: rhbz#1065925 [abrt] libreoffice-core: Divide(): soffice.bin killed
  by SIGFPE
* Tue Feb 11 2014 David Tardon <dtardon@redhat.com> - 1:4.1.5.3-1
- new upstream release 4.1.5
* Thu Jan 30 2014 David Tardon <dtardon@redhat.com> - 1:4.1.4.2-6
- split LibreLogo into a separate subpackage
- create a metapackage depending on all subpackages containing filters,
  for use of packages like unoconv
- Resolves: rhbz#1050162 don't draw to NULL window
- Resolves: rhbz#1017379 libreoffice impress imports animated motion paths
  incorrectly from powerpoint
- Resolves: fdo#33852 Custom animation (Motionpath Left) isn't being
  imported correctly from .ppt
* Thu Jan 23 2014 David Tardon <dtardon@redhat.com> - 1:4.1.4.2-5
- Related: rhbz#1047017 actually apply the patch
* Mon Jan 13 2014 Caolán McNamara <caolanm@redhat.com> - 1:4.1.4.2-4
- Resolves: rhbz#1038176 fix crash in loading certain charts
- Related: rhbz#1047871 conditional formatting doesn't fix on screen
* Tue Jan  7 2014 David Tardon <dtardon@redhat.com> - 1:4.1.4.2-3
- Resolves: rhbz#1047017 All the selected toolbars became unselected
  coming out from the full screen option
* Wed Dec 18 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.4.2-2
- Resolves: rhbz#1040708 rebuild against new libstdc++ to fix std::nth_element
* Mon Dec 16 2013 David Tardon <dtardon@redhat.com> - 1:4.1.4.2-1
- update to 4.1.4
- Related: rhbz#1039517 Malayalam short-cut keys are unavailable
* Thu Dec 12 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.3.2-12
- make dragging and dropping slides stop crashing
* Tue Dec 10 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.3.2-11
- Resolves: rhbz#1039902 Corrected connector layout after reload
* Wed Dec  4 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.3.2-10
- Resolves: rhbz#912529 Kerkis SmallCaps shown instead of Kerkis Regular
- Resolves: rhbz#1038189 refresh printer list when print dialog launched
* Tue Dec  3 2013 David Tardon <dtardon@redhat.com> - 1:4.1.3.2-9
- rhbz#1000893 do not pull in unneeded packages
* Wed Nov 27 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.3.2-8
- Related: rhbz#1032774 bodge around reported NULL
- Resolves: rhbz#1030009 SwXTextDocument crash at exit
- Resolves: rhbz#1035092 no shortcut key for Italian 'Tools' menu
* Fri Nov 22 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.3.2-7
- Resolves: rhbz#958300 fix GTK non Latin keyboard layout shortcuts
- Resolves: rhbz#977068 fix qt/kde crash
* Thu Nov 21 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.3.2-6
- Resolves: rhbz#1008102 Revert transpose data in rows ranges
- Resolves: rhbz#1031174 suspicious input handler crashes
* Wed Nov 20 2013 Stephan Bergmann <sbergman@redhat.com> - 1:4.1.3.2-5
- Resolves: rhbz#1031989 Accept --pt in addition to deprecated -pt
- Related: rhbz#1014990 valgrind reports uninitialized variables
* Sun Nov  3 2013 David Tardon <dtardon@redhat.com> - 1:4.1.3.2-4
- adapt for libmwaw 0.2
* Thu Oct 31 2013 David Tardon <dtardon@redhat.com> - 1:4.1.3.2-3
- Resolves: fdo#56209 reviving FilterFormulaParser
* Thu Oct 31 2013 Stephan Bergmann <sbergman@redhat.com> - 1:4.1.3.2-2
- Resolves: fdo#67725 unoidl::AggregatingCursor must wrap modules for aggregation
- Resolves: rhbz#1021915 force menubar menus to be up/down only
- Resolves: rhbz#1025201 Incorrect rendering of Devanagari short i
* Wed Oct 23 2013 David Tardon <dtardon@redhat.com> - 1:4.1.3.2-1
- 4.1.3 rc2
- Resolves: rhbz#1022094 libreoffice-4.1.3.1-1 was built without
  langpacks
* Mon Oct 21 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.3.1-2
- Resolves: rhbz#1020712 wrong default CTL font shown in editengine
- Resolves: rhbz#919070 display -1 means span all screens
* Wed Oct 16 2013 David Tardon <dtardon@redhat.com> - 1:4.1.3.1-1
- 4.1.3 rc1
* Mon Oct  7 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.2.3-4
- Resolves: rhbz#1001768: fix various a11y deadlocks and crashes
- Resolves: rhbz#1016022 fix cut from impress and paste to writer
- Resolves: rhbz#1003179 fix AUTOFMT related crashes in Writer Undo
* Mon Oct  7 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.2.3-3
- Resolves: rhbz#1015281 crash on clicking custom animation
- Resolves: rhbz#996162 crash with no bullet font
* Wed Oct  2 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.2.3-2
- Resolves: rhbz#1013480 crash in EditLineList::operator[]
- Resolves: rhbz#1014010 crash on start up
- Resolves: rhbz#1013844 encrypted OOo 1.0 files don't reopen
* Mon Sep 30 2013 David Tardon <dtardon@redhat.com> - 1:4.1.2.3-1
- 4.1.2 rc3
* Fri Sep 20 2013 David Tardon <dtardon@redhat.com> - 1:4.1.2.2-1
- 4.1.2 rc2
* Tue Sep 17 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.1.2-5
- Resolves: rhbz#988104 crash in certain pptx
- Resolves: rhbz#1008248 Writer Chinese Conversion crash
* Thu Sep 12 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.1.2-4
- Resolves: rhbz#1006850 crash in SwCommentRuler
* Tue Sep  3 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.1.2-3
- Resolves: rhbz#993963 NULL m_pWindow on firefox close plugin window
* Fri Aug 23 2013 Stephan Bergmann <sbergman@redhat.com> - 1:4.1.1.2-2
- Resolves: rhbz#1000150, Do not call exit upon XIOError
* Thu Aug 22 2013 David Tardon <dtardon@redhat.com> - 1:4.1.1.2-1
- 4.1.1 rc2
- Related: rhbz#895690 Always try to do a mount when opening a file via GIO
- Resolves: rhbz#998136 wrong index to gWidgetData
- Resolves: rhbz#998046 store last size/position of the base windows
* Mon Aug 19 2013 Marek Kasik <mkasik@redhat.com> - 1:4.1.1.1-2
- Rebuild (poppler-0.24.0)
* Fri Aug  9 2013 David Tardon <dtardon@redhat.com> - 1:4.1.1.1-1
- 4.1.1 rc1
* Fri Aug  9 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.0.4-6
- Resolves: fdo#67743 user autocorr file not written
* Tue Jul 30 2013 Stephan Bergmann <sbergman@redhat.com> - 1:4.1.0.4-5
- Resolves: rhbz#989246 Honor user's JavaDriverClass override in mysql driver
- Resolves: fdo#67045 fix several nasty screen selection issues
* Tue Jul 30 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.0.4-4
- Resolves: rhbz#989686 Fix crash with stripping whitespace from toc entries
* Mon Jul 29 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.4-3
- make libwpd-based filters work correctly with newest libwpd
* Sun Jul 28 2013 Petr Machata <pmachata@redhat.com> - 1:4.1.0.4-2
- Rebuild for boost 1.54.0
* Wed Jul 24 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.4-1
- 4.1.0 rc4
* Mon Jul 22 2013 Eike Rathke <erack@redhat.com> - 1:4.1.0.3-2
- force rebuild with icu-50.1.2-7
* Thu Jul 18 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.3-1
- 4.1.0 rc3
- Resolves: fdo#48835 GNOME3 app menu
* Thu Jul 18 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.0.2-5
- silence scary gcc warning
- fdo#66924 switching to master view is broken
* Tue Jul 16 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.2-4
- bump release
* Fri Jul 12 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.2-3
- Resolves: rhbz#983809 libreoffice-base misses deps on needed java packages
* Thu Jul 11 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.2-2
- Resolves: rhbz#980387 Exporting a odg to jpg or tiff generates error
* Thu Jul  4 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.2-1
- 4.1.0 rc2
* Mon Jul  1 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.0.1-8
- Resolves: rhbz#979758 crash on Diagrammen in LibreOffice help page
* Thu Jun 27 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.1-7
- bump revision
* Mon Jun 24 2013 Marek Kasik <mkasik@redhat.com> - 1:4.1.0.1-6
- Rebuild (poppler-0.22.5)
* Mon Jun 24 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.1-5
- fix build on big endian archs
* Mon Jun 24 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.1-4
- put glade catalog into an extra packgae
* Sun Jun 23 2013 Caolán McNamara <caolanm@redhat.com> - 1:4.1.0.1-3
- Resolves: rhbz#976304 gallery elements may not insert
* Wed Jun 19 2013 Dennis Gilmore <dennis@ausil.us> - 1:4.1.0.1-2
- fix _smp_mflags macro useage
* Wed Jun 19 2013 David Tardon <dtardon@redhat.com> - 1:4.1.0.1-1
- 4.1.0 rc1
- Related: rhbz#971321 failing tests on ppc and s390
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1111083 - CVE-2014-0247 libreoffice: VBA macros executed unconditionally
        https://bugzilla.redhat.com/show_bug.cgi?id=1111083
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update libreoffice' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds