Register | Log in

r-cran-readxl

GNU R package to read Excel files

Choose email to subscribe with

general

source: r-cran-readxl (main)
version: 1.5.0-1
maintainer: Dirk Eddelbuettel (DMD)
arch: any
std-ver: 4.7.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.3.1-2
oldstable: 1.4.2-1
stable: 1.4.5-1
testing: 1.5.0-1
unstable: 1.5.0-1

versioned links

1.3.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

r-cran-readxl (1 bugs: 0, 1, 0, 0)

action needed

2 security issues in trixie high

There are 2 open security issues in trixie.

2 important issues:

CVE-2026-26824: libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file
CVE-2026-26825: A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xls_parseWorkBook() and is triggered by uninitialized heap memory originating from the OLE layer (ole2_read). The flaw is detectable with MemorySanitizer (MSAN) and can lead to undefined behavior, incorrect parsing logic, or potential information disclosure.

Created: 2026-06-06 Last update: 2026-06-06 00:00

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2026-26824: libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file
CVE-2026-26825: A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xls_parseWorkBook() and is triggered by uninitialized heap memory originating from the OLE layer (ole2_read). The flaw is detectable with MemorySanitizer (MSAN) and can lead to undefined behavior, incorrect parsing logic, or potential information disclosure.

Created: 2026-06-06 Last update: 2026-06-06 00:00

2 security issues in forky high

There are 2 open security issues in forky.

2 important issues:

CVE-2026-26824: libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file
CVE-2026-26825: A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xls_parseWorkBook() and is triggered by uninitialized heap memory originating from the OLE layer (ole2_read). The flaw is detectable with MemorySanitizer (MSAN) and can lead to undefined behavior, incorrect parsing logic, or potential information disclosure.

Created: 2026-06-06 Last update: 2026-06-06 00:00

2 security issues in bullseye high

There are 2 open security issues in bullseye.

2 important issues:

CVE-2026-26824: libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file
CVE-2026-26825: A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xls_parseWorkBook() and is triggered by uninitialized heap memory originating from the OLE layer (ole2_read). The flaw is detectable with MemorySanitizer (MSAN) and can lead to undefined behavior, incorrect parsing logic, or potential information disclosure.

Created: 2026-06-06 Last update: 2026-06-06 00:00

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2026-26824: libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file
CVE-2026-26825: A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xls_parseWorkBook() and is triggered by uninitialized heap memory originating from the OLE layer (ole2_read). The flaw is detectable with MemorySanitizer (MSAN) and can lead to undefined behavior, incorrect parsing logic, or potential information disclosure.

Created: 2026-06-06 Last update: 2026-06-06 00:00

news

[2026-06-01] r-cran-readxl 1.5.0-1 MIGRATED to testing (Debian testing watch)
[2026-05-20] Accepted r-cran-readxl 1.5.0-1 (source) into unstable (Dirk Eddelbuettel)
[2025-03-29] r-cran-readxl 1.4.5-1 MIGRATED to testing (Debian testing watch)
[2025-03-17] Accepted r-cran-readxl 1.4.5-1 (source) into unstable (Dirk Eddelbuettel)
[2025-03-05] r-cran-readxl 1.4.4-1 MIGRATED to testing (Debian testing watch)
[2025-02-27] Accepted r-cran-readxl 1.4.4-1 (source) into unstable (Dirk Eddelbuettel)
[2023-07-17] r-cran-readxl 1.4.3-1 MIGRATED to testing (Debian testing watch)
[2023-07-07] Accepted r-cran-readxl 1.4.3-1 (source) into unstable (Dirk Eddelbuettel)
[2023-02-19] r-cran-readxl 1.4.2-1 MIGRATED to testing (Debian testing watch)
[2023-02-09] Accepted r-cran-readxl 1.4.2-1 (source) into unstable (Dirk Eddelbuettel)
[2022-08-27] r-cran-readxl 1.4.1-1 MIGRATED to testing (Debian testing watch)
[2022-08-20] Accepted r-cran-readxl 1.4.1-1 (source) into unstable (Dirk Eddelbuettel)
[2022-05-03] r-cran-readxl 1.4.0-1 MIGRATED to testing (Debian testing watch)
[2022-03-28] Accepted r-cran-readxl 1.4.0-1 (source) into unstable (Dirk Eddelbuettel)
[2019-08-24] r-cran-readxl 1.3.1-2 MIGRATED to testing (Debian testing watch)
[2019-08-19] Accepted r-cran-readxl 1.3.1-2 (source) into unstable (Dirk Eddelbuettel)
[2019-03-21] Accepted r-cran-readxl 1.3.1-1 (source amd64) into unstable (Dirk Eddelbuettel)
[2019-02-26] r-cran-readxl 1.3.0-1 MIGRATED to testing (Debian testing watch)
[2019-02-15] Accepted r-cran-readxl 1.3.0-1 (source amd64) into unstable (Dirk Eddelbuettel)
[2019-02-04] Accepted r-cran-readxl 0.1.1-1+deb9u2 (source amd64) into proposed-updates->stable-new, proposed-updates (Dirk Eddelbuettel)
[2019-02-02] r-cran-readxl 1.2.0.9000-1 MIGRATED to testing (Debian testing watch)
[2019-01-27] Accepted r-cran-readxl 1.2.0.9000-1 (source amd64) into unstable (Dirk Eddelbuettel)
[2018-12-29] r-cran-readxl 1.2.0-1 MIGRATED to testing (Debian testing watch)
[2018-12-23] Accepted r-cran-readxl 1.2.0-1 (source amd64) into unstable (Dirk Eddelbuettel)
[2018-04-25] r-cran-readxl 1.1.0-1 MIGRATED to testing (Debian testing watch)
[2018-04-20] Accepted r-cran-readxl 1.1.0-1 (source amd64) into unstable (Dirk Eddelbuettel)
[2018-04-18] r-cran-readxl 1.0.0-2 MIGRATED to testing (Debian testing watch)
[2018-04-16] Accepted r-cran-readxl 0.1.1-1+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Dirk Eddelbuettel)
[2018-04-16] Accepted r-cran-readxl 0.1.1-1+deb9u1 (source amd64) into stable->embargoed, stable (Dirk Eddelbuettel)
[2018-04-12] Accepted r-cran-readxl 1.0.0-2 (source amd64) into unstable (Dirk Eddelbuettel)

1
2

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, reproducibility, cross
popcon
browse source code
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.5-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing