Ubuntu
libreoffice package

CVE-2023-0950 and CVE-2023-2255

Bug #2020817 reported by Rico Tzschichholz
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libreoffice (Ubuntu)
Fix Released
Undecided
Unassigned
Bionic
Won't Fix
High
Nishit Majithia
Focal
Fix Released
High
Nishit Majithia
Jammy
Fix Released
High
Nishit Majithia

CVE References

Rico Tzschichholz (ricotz)
Changed in libreoffice (Ubuntu):
status: New → Fix Released
Changed in libreoffice (Ubuntu Bionic):
importance: Undecided → High
Changed in libreoffice (Ubuntu Focal):
importance: Undecided → High
Changed in libreoffice (Ubuntu Jammy):
importance: Undecided → High
Rico Tzschichholz (ricotz)
Changed in libreoffice (Ubuntu Jammy):
assignee: nobody → Rico Tzschichholz (ricotz)
status: New → In Progress
Rico Tzschichholz (ricotz)
Changed in libreoffice (Ubuntu Focal):
assignee: nobody → Rico Tzschichholz (ricotz)
status: New → In Progress
Revision history for this message
Rico Tzschichholz (ricotz) wrote :
Revision history for this message
Eduardo Barretto (ebarretto) wrote :

Thanks Rico!

I'll be sponsoring those and working on the bionic update, probably for ESM as bionic goes to ESM this week.

I will let you know of the progress.
Thanks

Changed in libreoffice (Ubuntu Bionic):
assignee: nobody → Eduardo Barretto (ebarretto)
status: New → In Progress
Changed in libreoffice (Ubuntu Focal):
assignee: Rico Tzschichholz (ricotz) → Eduardo Barretto (ebarretto)
Changed in libreoffice (Ubuntu Jammy):
assignee: Rico Tzschichholz (ricotz) → Eduardo Barretto (ebarretto)
Revision history for this message
Nishit Majithia (0xnishit) wrote :

Thanks Rico for the debdiffs
It looks fine. I will be working on sponsoring those early next week and publish them after some testing

Thanks

Changed in libreoffice (Ubuntu Bionic):
assignee: Eduardo Barretto (ebarretto) → Nishit Majithia (0xnishit)
Changed in libreoffice (Ubuntu Focal):
assignee: Eduardo Barretto (ebarretto) → Nishit Majithia (0xnishit)
Changed in libreoffice (Ubuntu Jammy):
assignee: Eduardo Barretto (ebarretto) → Nishit Majithia (0xnishit)
Revision history for this message
Nishit Majithia (0xnishit) wrote :

Hey @ricotz,

Your focal debdiff is not building and giving errors, you can check the build log here from the test build:
https://launchpadlibrarian.net/670647978/buildlog_ubuntu-focal-amd64.libreoffice_1%3A6.4.7-0ubuntu0.20.04.8~test1_BUILDING.txt.gz

You can find the package here:
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages?field.name_filter=libreoffice&field.status_filter=published&field.series_filter=focal

Kindly resolve the error and update the focal debdiff

Thanks

Revision history for this message
Rico Tzschichholz (ricotz) wrote :
Revision history for this message
Rico Tzschichholz (ricotz) wrote :

Hello @0xnishit,

Sorry for the inconvenience, I have updated the patch for focal.

Revision history for this message
Nishit Majithia (0xnishit) wrote :

The update has been released:
https://ubuntu.com/security/notices/USN-6144-1

Thanks @ricotz for the updates.

An update for bionic will not be released since LibreOffice is not part of ESM-supported packages unless someone sponsors it
https://wiki.ubuntu.com/SecurityTeam/ESM/18.04#Maintained_Packages

Changed in libreoffice (Ubuntu Focal):
status: In Progress → Fix Released
Changed in libreoffice (Ubuntu Jammy):
status: In Progress → Fix Released
Changed in libreoffice (Ubuntu Bionic):
status: In Progress → Won't Fix
Rico Tzschichholz (ricotz)
information type: Private Security → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.