1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
Candidate: CVE-2012-5639
PublicDate: 2012-12-13
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5639
http://www.openwall.com/lists/oss-security/2012/12/13
http://www.openwall.com/lists/oss-security/2012/12/13/10
Description:
Remote file inclusion by office applications
Ubuntu-Description:
Notes:
jdstrand> seems more like a feature request. LibreOffice prompts the user
saying that the document contains links to external data and asks if the user
wants to refresh them. The prompt does not say what the files are. The
external content is fetched the first time without prompting.
mdeslaur> See http://whatofhow.wordpress.com/2013/12/02/stealth-mode/ for
improvement that went into 4.2.
mdeslaur> We will not be fixing this in precise, marking as ignored
Bugs:
https://bugs.freedesktop.org/show_bug.cgi?id=58295
Priority: low
Discovered-by:
Assigned-to:
Patches_openoffice.org:
upstream_openoffice.org: needs-triage
hardy_openoffice.org: ignored (reached end-of-life)
lucid_openoffice.org: ignored (reached end-of-life)
oneiric_openoffice.org: not-affected (transitional packages)
precise_openoffice.org: not-affected (transitional packages)
quantal_openoffice.org: DNE
raring_openoffice.org: DNE
saucy_openoffice.org: DNE
trusty_openoffice.org: DNE
utopic_openoffice.org: DNE
devel_openoffice.org: DNE
Patches_libreoffice:
upstream_libreoffice: needs-triage
hardy_libreoffice: DNE
lucid_libreoffice: DNE
oneiric_libreoffice: ignored (reached end-of-life)
precise_libreoffice: ignored
quantal_libreoffice: ignored (reached end-of-life)
raring_libreoffice: ignored (reached end-of-life)
saucy_libreoffice: ignored (reached end-of-life)
trusty_libreoffice: not-affected (1:4.2.6.3-0ubuntu1)
utopic_libreoffice: not-affected (1:4.3.2-0ubuntu1)
devel_libreoffice: not-affected (1:4.3.2-0ubuntu1)
|