Age | Commit message (Collapse) | Author |
|
Fixes CVE-2020-27778, CVE-2020-35702
and changelogs mention lots of fuzzing fixes.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108912
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 48e8b32a9b66722bbb28fc15840b3706a461aeb7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108904
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit fb185106492f5aabac6ab57ae90cd81d51480093)
Change-Id: Ib07bdee726905e74afc13a01bbbd53f218121744
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108956
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
external: update pdfium to 4203
(cherry picked from commit 4488be8a9279be0bd0aebd476589a49d2b95da6e)
Update one mention of pdfium-4137.tar.bz2
...left behind by 4488be8a9279be0bd0aebd476589a49d2b95da6e "external: update
pdfium to 4203"
(cherry picked from commit ba4b3d5f7a0fe8d0d985e98897e041d59093d8b0)
external: update pdfium to 4260
(cherry picked from commit f19381e46930bb496e7331754843920933fb4be2)
external: update pdfium to 4306
(cherry picked from commit fe531957e3dcd42927cf15ab31d04473433d81f9)
Conflicts:
include/vcl/pdf/PDFAnnotationSubType.hxx
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105913
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit b4f50e78e9cd391964128bd0d1446d4dca110cef)
Change-Id: Ic10cf99fa412f8f0b3475e82d0a1839a7f04bd08
|
|
This is a combination of 6 commits, which brings pdfium to the same
version as libreoffice-7-0.
This is the 1st commit message:
external: update pdfium to 4021
(cherry picked from commit 1cb70721ba00dd6c6958f0a10e39aa5c1866ec96)
This is the commit message #2:
external/pdfium: C++20 comparison operator fix
Missing const leads to overload resolution ambiguity when a synthesized
candidate of operator == for a reversed-argument rewrite conflicts with the
actual operator ==, due to the asymmetric const-ness of the implicit object
parameter and the RHS parameter:
> In file included from workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.cpp:7:
> In file included from workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.h:11:
> llvm/inst/include/c++/v1/vector:1369:27: error: use of overloaded operator '!=' is ambiguous (with operand types 'std::__1::__vector_base<unsigned char, FxAllocAllocator<unsigned char> >::allocator_type' (aka 'FxAllocAllocator<unsigned char>') and 'std::__1::__vector_base<unsigned char, FxAllocAllocator<unsigned char> >::allocator_type')
> if (__base::__alloc() != __c.__alloc())
> ~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~
> llvm/inst/include/c++/v1/vector:1359:5: note: in instantiation of member function 'std::__1::vector<unsigned char, FxAllocAllocator<unsigned char> >::__move_assign' requested here
> __move_assign(__x, integral_constant<bool,
> ^
> workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.cpp:384:24: note: in instantiation of member function 'std::__1::vector<unsigned char, FxAllocAllocator<unsigned char> >::operator=' requested here
> m_FontDataAllocation = std::vector<uint8_t, FxAllocAllocator<uint8_t>>(
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:74:8: note: candidate function
> bool operator!=(const FxAllocAllocator& that) { return false; }
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:73:8: note: candidate function
> bool operator==(const FxAllocAllocator& that) { return true; }
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:73:8: note: candidate function (with reversed parameter order)
(cherry picked from commit 6e0461d576d9f386e458f98f3c57f0ba385aacb4)
This is the commit message #3:
pdfium: don't patch out the COMPONENT_BUILD check, define it
So next time we update, no need to adapt a failing patch.
(cherry picked from commit 9b4ab9bda41a818832c721933986c9c6e07a6e6c)
This is the commit message #4:
make update_pch also consider files in <module>/src/**/inc
With --enable-pch=full there's not much difference between a "public"
header in <module>/inc and a private one in <module>/src/somewhere/inc .
And since the script searches recursively, this apparently helps to
find even more headers for lower pch levels.
[ Just the pdfium part. ]
(cherry picked from commit 69e0d871ec1de2260f9213d3113464155eac173c)
This is the commit message #5:
external: update pdfium to 4083
(cherry picked from commit 9054c36d4ea3bee25fb9a47a96a0ea2cd07148c3)
This is the commit message #6:
external: update pdfium to 4137
(cherry picked from commit 1ffe59ef31186e36ad0aa7bbcdd32e407ee8d26c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102373
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 434d611e22c4fe76a11d2de26b9f185bb04e5ad3)
Change-Id: I8483d0aa5b4fea5a59107c20a8aa5f1ef694af0a
b7c12461e04fa97bf55ee967e8d6c9bcf92fdf4a
|
|
Also simplify visibility.patch.1.
Reviewed-on: https://gerrit.libreoffice.org/82548
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 71cb2705af38df7f382014fb68f43bed98abf9b4)
Change-Id: I8b4ed78b314a1a1f7d31467f782877f056429cc2
|
|
Reviewed-on: https://gerrit.libreoffice.org/78806
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 735af14843eab3e75ac9ed6f0773ce7bb3241c8a)
Change-Id: I9d47d9afed47e01657b42fbfdb06e7fc91a150c8
|
|
Reviewed-on: https://gerrit.libreoffice.org/75736
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 0ee0ca3036629b69bf20b448d74991fd133f08ac)
Change-Id: I616f57bd9de72b078500a290bf9ff89c71773f26
|
|
Reviewed-on: https://gerrit.libreoffice.org/72619
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 3dbe66b7895a412ad7ad9aede4be383489d805de)
Change-Id: Ie4c42943445813c7c50bf06cb710cedf2a61f3a9
|
|
Change-Id: Iaaac797812b2addd1e5693dbb4338fc1c506a26d
Reviewed-on: https://gerrit.libreoffice.org/69134
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 8743247493ba90098e3e32cf30de0e8995569852)
|
|
Reviewed-on: https://gerrit.libreoffice.org/66408
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 2044475c8cb33b76591aa6de77dd43a0bf9f5145)
Change-Id: Ie4f0cc8f06432e182ce7ffcae5269075d12658ef
|
|
Reviewed-on: https://gerrit.libreoffice.org/63547
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
(cherry picked from commit ec11c1aee04eacb00d94a6359f959b990ddb6923)
Change-Id: I99bd67f45796eb85635543a5e4563bb7477cf63e
|
|
Allows dropping all the backports, so only one custom API patch remains.
Reviewed-on: https://gerrit.libreoffice.org/60697
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit 56ac8214ab35387f8861044b62c79fae6d7ccac5)
Change-Id: I13dc4f62be86d0859862cbd95bb14e07bbcf53d6
|
|
Allows dropping 4 API patches + the one that allows building against
system ICU.
Reviewed-on: https://gerrit.libreoffice.org/57588
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit 1445d84cdc906fabf6cc7a59f3c94b4049477701)
Change-Id: Ib5c63ba7daf51b320c07b24486f7398bf71bcfbf
|
|
Fixes CVE-2020-6829, CVE-2020-12400 CVE-2020-12401 CVE-2020-12403.
(also CVE-2020-12402 CVE-2020-12399 in older releases since 3.47)
* external/nss/nss.nspr-parallel-win-debug_build.patch:
remove, merged upstream
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100345
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 495a5944a3d442cfe748a3bb0dcef76f6a961d30)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100420
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit 227d30a3a17f2fffb1a166cdc3e2a796bb335214)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100590
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 94cecbfdf3cf01fe3d5658c7edf78696da2a249f)
Change-Id: I8b48e25ce68a2327cde1420abdaea8f9e51a7888
|
|
Since NSS 3.53, the Makefile based build should be fixed (upstream
bug 290526). The only missing patch is a minimal NSPR fix for the
"NSPR, configure + make, parallel, Windows, MS VS, debug" build.
That patch isn't incuded in the NSPR 4.25 release (but it's already
in the mercurial repo for NSPR 4.26).
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/95218
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de>
(cherry picked from commit b56e8d6def26a0430853835e997f1be841840a61)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100419
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit c1bce55faebd9ad8751d7b6b9a7f77dff7b3d507)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100589
(cherry picked from commit 3e4dbb1708d4b3b7619602b63602b884a7bb2caa)
Change-Id: I8eaa3792a12bdff734e56ac3f552991478957e23
|
|
Fixes CVE-2020-8169, and about 3 other ones that don't affect LO/libcmis.
Disable new optional dependencies "ngtcp2" and "quiche".
Change-Id: I595ed909c4e792ac3244643511a338b117e7f102
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97406
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit cb0c7e26e5708010b1fe941ae2f66134f31ed876)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97386
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit 43130216127913d30074d3fe99c5706dcce44dee)
|
|
Fixes CVE-2019-11745.
Remove nss.fix-freebl-add-lcc-support.patch.1, fixed upstream.
Reviewed-on: https://gerrit.libreoffice.org/83673
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit a6238c3fba80889f9090d997e2a4979b78b34ac7)
Change-Id: I72e35c90fabb0a83f547a787dbaee774e35f9c08
|
|
fixes CVE-2019-9903 CVE-2019-9631 CVE-2019-9545 CVE-2019-9543
CVE-2019-14494 CVE-2019-12293 CVE-2019-11026 CVE-2019-10873
CVE-2019-10872 CVE-2019-10871 CVE-2019-10018
remove obsolete 0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1
Reviewed-on: https://gerrit.libreoffice.org/83308
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 28e52c49452320ac76489d0f93ca5692456e5331)
Reviewed-on: https://gerrit.libreoffice.org/83336
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit f3b2d61376c6d7ae262f58406d89ef0caa8b0aaf)
Change-Id: I72b3bf89b294ed3e24157c7e75fd58d4f68d9f35
|
|
Fixes CVE-2019-18197.
Remove obsolete e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1.
Change-Id: I95cf498e245083528f98bfef8cdd240bbe2211b9
Reviewed-on: https://gerrit.libreoffice.org/83312
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit e9ea24cc004a8b9a5856f2f268bd40433c504db1)
Reviewed-on: https://gerrit.libreoffice.org/83377
(cherry picked from commit d19b32c779bfeb51ef9570c3de8ed1925ec44473)
|
|
... which is, surprisingly enough, required to build the latest libxslt.
Reviewed-on: https://gerrit.libreoffice.org/83311
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit d1bf39a78ed239d4493f0470ca937852265e79d6)
Reviewed-on: https://gerrit.libreoffice.org/83347
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit e9dc4662d4ba3bde91407911f1bc1a7aa25fa0ce)
Change-Id: Ifbb36ed61b8f68185f9c788f63a8edeb58899f94
|
|
Fixes CVE-2019-9948 CVE-2019-9740 CVE-2019-10160 CVE-2019-16056
and expat CVE-2019-15903.
python-3.3.5-pyexpat-symbols.patch.1 fails to apply, and it's a
mystery why --with-system-expat is used everywhere but on MacOSX,
where 292af048ace2d4b455b2da3a22c784cb05db1d09 disabled it for no
obvious reason, so try to remove the special case and get rid of the
patch.
Reviewed-on: https://gerrit.libreoffice.org/83117
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit b0930d56130fdddfe65e92b081a8afad77974076)
Reviewed-on: https://gerrit.libreoffice.org/83189
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit 0d4b1f624349361e5bf11b58ccc9e0e295c0e4aa)
Remove external/python3/python-3.5.7-c99.patch.1 - was apparently
reverted upstream.
Change-Id: I5ba4532eb6e7c2fb90daba95d132dcc7c9013d96
|
|
Change-Id: Ia98c9718ccd8e18b5f56851027bde944164f05c4
Reviewed-on: https://gerrit.libreoffice.org/78978
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 4436a29401beffd0893ecae70cd09c7a49f49f22)
|
|
Fixes CVE-2019-11729 CVE-2019-11719 CVE-2019-11727, and the less
important CVE-2018-12384 and CVE-2018-12404 from intermediate releases.
Since NSS 3.44 it's possible to build as static libraries and for iOS;
drop the nss-chromium-nss-static.patch and nss-more-static.patch and
hope that it works.
Drop one hunk from nss.patch that looks fixed upstream.
Reviewed-on: https://gerrit.libreoffice.org/75344
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 6efc8a33f69bc7f4be45b7b81f67cd74c163b99e)
Change-Id: I7f37ac36f7f8dfd49d0bfb4a6185ca49d4f618a3
Reviewed-on: https://gerrit.libreoffice.org/75410
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Fixes CVE-2019-5435. It looks like this is not a problem on 32-bit
Windows because fortunately we don't use /LARGEADDRESSAWARE flag
to set IMAGE_FILE_LARGE_ADDRESS_AWARE... but on 32-bit Linux
the user-space VM is 3GB so an exploit might be possible.
Apparently there's no code in LO that uses the CURLU_URLENCODE flag.
The other one, CVE-2019-5436, doesn't matter because we disable tftp.
Change-Id: I0d4f087befa5a3c4fb21ec36761dad68932425d9
Reviewed-on: https://gerrit.libreoffice.org/72732
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit edb01616ac176401650c35d938c75c6c5558a47e)
|
|
Fixes CVE-2019-7317.
Change-Id: I3374f5cbd6552e2c1569d63ee680d0c1d9389621
Reviewed-on: https://gerrit.libreoffice.org/71663
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit e2abbc0062398ea67cb13cb5b0b7bfdce78e652c)
Reviewed-on: https://gerrit.libreoffice.org/71669
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I4713b15061e831e1dfeccf8d59e46c0aa2ac4a18
Reviewed-on: https://gerrit.libreoffice.org/70351
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
(cherry picked from commit 86015855a98795d00a28f1bb65c41df947563d66)
Reviewed-on: https://gerrit.libreoffice.org/70355
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
|
|
Fixes CVE-2019-9636 CVE-2019-5010 CVE-2018-14647
Change-Id: If0a115960aed1ee90b63e6716c844669f0ec91e5
Reviewed-on: https://gerrit.libreoffice.org/70182
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 3c7354a85a9bd47a2676aadaad2f6622fe2d959c)
Reviewed-on: https://gerrit.libreoffice.org/70194
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Fixes CVE-2019-7310.
Add patch to fix CVE-2019-9200 too.
CVE-2018-20662 looks irrelevant because we don't build pdfunite tool.
Reviewed-on: https://gerrit.libreoffice.org/69094
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit f9b354784faf65ecc8024cf6d7d7aaf589f6d91f)
Change-Id: I5e7ddabbb341f6bfefb376d552b50c4006f41906
Reviewed-on: https://gerrit.libreoffice.org/69119
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Fixes CVE-2019-1559, plus a couple low-severity CVEs.
Change-Id: Icb6849ca5f33cb1169ce303505b2e32636e3b25b
Reviewed-on: https://gerrit.libreoffice.org/68430
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit e3b6c3ec9fd795601b0749675903fb49c72718fd)
Reviewed-on: https://gerrit.libreoffice.org/68441
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
This fixes some minor CVEs.
Not including the fix for CVE-2018-18064, which does not affect LO
because we use the default implementation of FT_Memory which uses
free/malloc.
Change-Id: Ic047ed52cff3fdeba068f1b8d303c6c96c69addd
Reviewed-on: https://gerrit.libreoffice.org/68088
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit caeaa7b90e42c60ec407e1f0cd5b5db2b30f55d2)
Reviewed-on: https://gerrit.libreoffice.org/68217
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Reviewed-on: https://gerrit.libreoffice.org/58134
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 00f6bec6b70130327313b9e203625272ef05ae93)
fix own-cairo edge case build
Reviewed-on: https://gerrit.libreoffice.org/59663
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 30020423bd76c6770db1627cfec684708ab3427c)
Change-Id: I001da359569d37afe482cdbb50e9c8b3ced24aff
Reviewed-on: https://gerrit.libreoffice.org/68216
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Jenkins
|
|
Apple can't afford the costly GPG licenses to sign releases apparently,
but the sha256 matches some OpenWRT and FreshPorts repos...
Fixes CVE-2015-7988.
Removing windows build patches, fixed upstream (except for the last hunk
of the SOCKET patch, but that is in code that is only used on MacOSX).
Change-Id: I9fdba5929badb75f995c66da0850d188780e7beb
Reviewed-on: https://gerrit.libreoffice.org/68092
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 3a85c2db176db708c0ff9401c40858eb60e80f1e)
Reviewed-on: https://gerrit.libreoffice.org/68139
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Fixes CVE-2017-15232, which looks rather minor.
Change-Id: Icffb0c5160bef79577431a02eb10ed9492e01d11
Reviewed-on: https://gerrit.libreoffice.org/68091
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit e0b96b9863ebe52c4e35c21b3084da9e53ebee1f)
Reviewed-on: https://gerrit.libreoffice.org/68109
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
fixes CVE-2018-16890 and CVE-2019-3822
Change-Id: I4c0021a5002590659cbfbdf642a7704a05309bf2
Reviewed-on: https://gerrit.libreoffice.org/67444
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 6ac54b9c8bce9425d3415d1e9bd8da318c44ed47)
Reviewed-on: https://gerrit.libreoffice.org/67448
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I6cdfc50b2385c426e20ce0e9b216b18c763249b8
Reviewed-on: https://gerrit.libreoffice.org/66519
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Jenkins
|
|
Change-Id: If20998f8565b5534a96b3f29ccec572273edca1d
Reviewed-on: https://gerrit.libreoffice.org/66306
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 0609ea4fc27f34367716bf41c0cdaa7785aed9da)
Reviewed-on: https://gerrit.libreoffice.org/66369
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
|
|
... at least, that's the plan - this is harder than it appears, as the
upstream maintainer appears to have released version 2.9 at least 3
times:
- Fedora has a file evidently downloaded before Nov. 17 with SHA512 of e30ad5a9a1ab9e7aaace9431434caa19a5ff6143db46644aba971a5ee37a265b26bf738e886d766405a7eb45a9d620d67c7ab3684ace86a107cf5a76642c04a5
- Gentoo has a file evidently downloaded before Nov. 19 with SHA256 of d4ad6f8718f7f9dc8b2a3276c9f237aa3f5eccdcf98b86dedc4262d8a1e7f009
- Debian has a file evidently downloaded before Dec. 17 with SHA256 of 48c6fdf98396fa245ed86e622028caf49b96fa22f3e5734f853f806fbc8e7d20
The lcms2-2.9.tar.gz available from sourceforge currently matches the
one Debian has, so let's use it.
* 0017-Upgrade-Visual-studio-2017-15.8.patch added (fixing CVE-2018-16435)
* 0001-Added-an-extra-check-to-MLU-bounds.patch.1 removed (fixed upstream)
Change-Id: Iab8dada8f6d77d5b2da8560993380b3332bc02f6
Reviewed-on: https://gerrit.libreoffice.org/66400
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 99b20e589e64fbcf374d84ae68911ef2a96e537c)
Reviewed-on: https://gerrit.libreoffice.org/66428
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Ifc64dae74df341e107857e43223ead04b9c1061e
Reviewed-on: https://gerrit.libreoffice.org/66309
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 3f720ac5ff65ddb2c0a06e48d0e2e9bec29f3a43)
Reviewed-on: https://gerrit.libreoffice.org/66364
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
* fixes CVE-2018-14404
* drop one hunk from libxml2-android.patch that was added in commit
6a17d2f2ba7acfec277314b97b50e41532d6b44d; presumably nan() exists now
given that other code is calling it.
Change-Id: I696cc4e1da55536ea1c89a6e0446ce5bc8398ba4
Reviewed-on: https://gerrit.libreoffice.org/66308
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit beea5852720b22043aefcd1e6b7243c202b40601)
Reviewed-on: https://gerrit.libreoffice.org/66367
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
fixes CVE-2018-16840
Change-Id: Ica995a28a71eb5d5277d045d57fee9ba0f88883f
Reviewed-on: https://gerrit.libreoffice.org/66328
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 5e96a5c664aea950111199e56bda412512a849b0)
Reviewed-on: https://gerrit.libreoffice.org/66365
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Reviewed-on: https://gerrit.libreoffice.org/60042
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit d15d3ce697e88e72cec84b5b9b9619a37a8ae7ed)
Conflicts:
download.lst
Change-Id: I4590f5f705dd08c63a1532ce5afa94a3af953f24
Reviewed-on: https://gerrit.libreoffice.org/60054
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Ifacf5dce39d830838b3cf57df760a04df97ade4b
Reviewed-on: https://gerrit.libreoffice.org/59927
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Fixes CVE-2018-0495 and "the ASN.1 code".
Remove one hunk of nss-android.patch.1 that should be obsolete with the
current Android toolchain baseline.
Change-Id: I5516edec17b72f53acd2749e8840805eead077bc
Reviewed-on: https://gerrit.libreoffice.org/58697
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 3ef76067bfa1f9f60ec3989bd6b40a5760137903)
Reviewed-on: https://gerrit.libreoffice.org/58719
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
|
|
Change-Id: I127cf3fa3ae00e91c73114e1a1915ea614924819
Reviewed-on: https://gerrit.libreoffice.org/57771
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit b96bbb1ff391036cbba832bc22100792880f0fe6)
Reviewed-on: https://gerrit.libreoffice.org/58329
|
|
New languages: Albanian, Galician (by Adrián Chaves),
Norwegian Bokmål and Nynorsk, Ukrainian (based on Russian).
Reviewed-on: https://gerrit.libreoffice.org/56785
Tested-by: Jenkins
Reviewed-by: László Németh <nemeth@numbertext.org>
(cherry-picked from the commit 77f81dabfd75ef756f6ed7ba9086db19a58984c9)
Change-Id: I6b40dfdafe3023edc661b0a9e9f2dedbc94364f8
Reviewed-on: https://gerrit.libreoffice.org/56808
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
|
|
Fixes CVE-2017-1000158.
Change-Id: I1871f031e3431253a3403f2ea2b586bcc4aa1016
Reviewed-on: https://gerrit.libreoffice.org/56609
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 744feb55a11263ae0947ab59db76b949b5863acf)
Reviewed-on: https://gerrit.libreoffice.org/56672
|
|
Change-Id: I4b862f767db3aabfa7a62ea1c97c34279d34cce7
Reviewed-on: https://gerrit.libreoffice.org/56413
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
(cherry picked from commit e90b7ebe137c638523923d7d2fe8bb8d8a8d75cc)
Reviewed-on: https://gerrit.libreoffice.org/56425
|
|
Unfortunately the autotools build system was removed in 0.60.0, and the
CMake one is a bit overeager in linking against system libraries that
happen to be installed on the build machine, and we currently don't
require CMake anyway, so avoid the problems by using a gbuild makefile
and a patch to add the generated header files.
Remove all current patches:
poppler-notests.patch.1: obsolete (autotools build system)
poppler-mac-fake.patch.1: presumed obsolete
ubsan.patch.0: presumably fixed differently upstream in
https://cgit.freedesktop.org/poppler/poppler/commit/?id=f43cb73939f85952d83afc87a6dc638dc1ae311b
poppler-libjpeg.patch.1: obsolete (autotools build system; there appears
to be no way to do this with CMake?)
0001-Fix-building-with-old-clang.patch.1: merged upstream
Change-Id: I271c87ab3ec25cc9d1e8fafb04dae7c004acc350
Reviewed-on: https://gerrit.libreoffice.org/56166
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 67e5355a8b0d51111934e0a0c30870b053c8e0d3)
Reviewed-on: https://gerrit.libreoffice.org/56228
|
|
– new Bulgarian and Icelandic language support
– fixes of language data based on libreoffice-l10n's patches
and feedback (see ChangeLog in the external package for details)
Reviewed-on: https://gerrit.libreoffice.org/54936
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: László Németh <nemeth@numbertext.org>
(cherry-picked from the commit ae50762741a967a20bae9f39f1f8f7aa7dd4e763)
Change-Id: I98598747c8b4e8e7fba380998c6ebbc1f63fef2e
Reviewed-on: https://gerrit.libreoffice.org/55642
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
|
|
Change-Id: Ib294f412055ef23a6ca5608675bc924dacae56f4
Reviewed-on: https://gerrit.libreoffice.org/55248
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit 5ea927288a35ea7d5d8747185278b920c1779f50)
Reviewed-on: https://gerrit.libreoffice.org/55250
|
|
This fixes the following CVEs:
* FTP: shutdown response buffer overflow CVE-2018-1000300
* RTSP: bad headers buffer over-read CVE-2018-1000301
Change-Id: Ic3229577083286501162aa5979a94ce934739557
Reviewed-on: https://gerrit.libreoffice.org/54418
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|