← Back to branch summary

~ubuntu-branches/ubuntu/natty/libreoffice-l10n/natty-security

Viewing all changes in revision 11.

  • Committer: Package Import Robot
  • Author(s): Jamie Strandboge
  • Date: 2012-06-20 16:58:25 UTC
  • mfrom: (10.1.1 natty-proposed)
  • Revision ID: package-import@ubuntu.com-20120620165825-snmwzlivwnvbz10n
Tags: 1:3.3.3-1ubuntu1.2
* SECURITY UPDATE: fix integer overflows in graphic loading code
  - debian/patches/CVE-2012-1149.patch: adjust vcl/source/gdi/pngread.cxx to
    fail earlier on oversized images and properly verify chunks. Also adjust
    basebmp/source/bitmapdevice.cxx to to properly verify height and width.
    Properly verify width and height in
    svtools/source/filter.vcl/jpeg/jpeg.cxx
  - CVE-2012-1149
* SECURITY UPDATE: fix integer overflow when processing Escher graphics
  records in PowerPoint documents
  - debian/patches/CVE-2012-2334.patch: properly verify record lengths in
    filter/source/msfilter/msdffimp.cxx and msdffimp.hxx
  - CVE-2012-2334

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: