Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted libreoffice 1:6.1.5-3+deb10u9 (source) into oldoldstable
Date: Sat, 12 Aug 2023 15:40:28 +0000
Signed by: Bastien ROUCARIÈS <rouca@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 11 Aug 2023 19:09:29 +0000
Source: libreoffice
Architecture: source
Version: 1:6.1.5-3+deb10u9
Distribution: buster-security
Urgency: medium
Maintainer: Debian LibreOffice Maintainers <debian-openoffice@lists.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Changes:
 libreoffice (1:6.1.5-3+deb10u9) buster-security; urgency=medium
 .
   * Team upload by the LTS team
   * CVE-2022-3874: Libreoffice may be configured to add an empty
     entry to the Java class path.
     This may lead to run arbitrary Java code from the
     current directory.
   * CVE-2023-0950: Improper Validation of Array Index vulnerability in the
     spreadsheet component allows an attacker to craft a
     spreadsheet document that will cause an array index
     underflow when loaded. In the affected versions of LibreOffice
     certain malformed spreadsheet formulas, such as AGGREGATE,
     could be created with less parameters passed to the formula
     interpreter than it expected, leading to an array index
     underflow, in which case there is a risk that arbitrary
     code could be executed.
Checksums-Sha1:
 5d91a7d4a20514bb7f3e51712e8911109ee4abe8 27751 libreoffice_6.1.5-3+deb10u9.dsc
 1e79c5a0a34d93734b4f7ed7a75c91e644f63f0e 9998300 libreoffice_6.1.5-3+deb10u9.debian.tar.xz
 412c393a7373f1774f891577fd251360f160e19c 108556 libreoffice_6.1.5-3+deb10u9_amd64.buildinfo
Checksums-Sha256:
 94eef0b00aa050bf169bd1450df393cf292b065e8ce0a1be5bb4f40371a7e27b 27751 libreoffice_6.1.5-3+deb10u9.dsc
 e3d43686ddac6653fae4056a53ef7fade40e62d793c6169617f4b53d27a1991b 9998300 libreoffice_6.1.5-3+deb10u9.debian.tar.xz
 8ee42a9cc404068c236db246b175c50f2694ef02a3f974fb4892da06821463c0 108556 libreoffice_6.1.5-3+deb10u9_amd64.buildinfo
Files:
 8d9bc422e345b328f1b3ae9c3c8f3dac 27751 editors optional libreoffice_6.1.5-3+deb10u9.dsc
 8e453d22d9d8c8e83939813823511a38 9998300 editors optional libreoffice_6.1.5-3+deb10u9.debian.tar.xz
 46cfbc9f00faaf36a29c5843e94d9a59 108556 editors optional libreoffice_6.1.5-3+deb10u9_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmTXo54RHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF8atA/+MISqrMjYs31ROmsW6ymRlwsVjerMHw4N
7eZxmT4f6Hyj6osgEUJjDbsmcgKwgOVSM2vVLy1FzN70+Gc89n/arFyzixa/VC1q
Femgr/eZMrvhE9lHRATGkl5XchPzujI0E9rgm7/GTvu7F49gZXNT9BhY+4qCPst6
s287n9ix8gu5KM/lOz/1rjUELXQXK41Ji4JURK/jx6aPFoKt/BRnTe21l4bAqbFJ
DzGV1axzNyZrQZwSRQ3iy9ns1/4qOw0SJHFmIPPzAsU7e2liFuEJHck6+bXU16is
bgIt8nOXIHAjVey3tB7gil+XeyrApj60z9T+IWwt6jwf985X0gO6fJaPGSPGzJkz
pfj2s2J0h9W321oCM52tzcY1zDfnT0/pjBjsL/1h/svpUbosI/5hh1iE1RA1+VwF
YNEarFhUsVsf39VEZg9b7xn0FtmRulede57w7zsf9EFPZCtIxjJDZKuFgNtiE3Qe
yuIiVDUDrBnQk/Hkkx85pWm51oQjAoVgjmkgDdu17XO2KjjtB2+kKbAFstobbU5r
Z0tI9cj3BEwGPvha3fV4Vm1+eF4o/F4nSonDLvZCVxU1sxE64/I7F656yWAhFaFk
ib4FE170Okggw79gctsC7oPRBRkvztYERV0yWeFwXxrGwYRUGcAohgD0W4fHzGMJ
o/jj348LS1s=
=ooAu
-----END PGP SIGNATURE-----

News for package libreoffice