[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-25636/libreoffice: revisit stretch triage
Sylvain Beucler (@beuc)
beuc at debian.org
Mon Apr 4 21:29:44 BST 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
39b0ceba by Sylvain Beucler at 2022-04-04T22:25:43+02:00
CVE-2021-25636/libreoffice: revisit stretch triage
Unlike CVE-2021-25633 and CVE-2021-25634, the patch doesn't require the XSecParser rewrite, is small, and the code is pretty similar, so backport appears reasonable.
- - - - -
8e4e4c7b by Sylvain Beucler at 2022-04-04T22:25:44+02:00
CVE-2020-12801,CVE-2020-12802/libreoffice: tidy triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -76201,7 +76201,7 @@ CVE-2021-25636 (LibreOffice supports digital signatures of ODF documents and mac
- libreoffice 1:7.3.0-1
[bullseye] - libreoffice <no-dsa> (Minor issue)
[buster] - libreoffice <no-dsa> (Minor issue)
- [stretch] - libreoffice <ignored> (Risk doesn't warrant complex backport)
+ [stretch] - libreoffice <postponed> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2056955
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636
NOTE: Fixed by: https://github.com/LibreOffice/core/commit/b0404f80577de9ff69e58390c6f6ef949fdb0139
@@ -137508,13 +137508,13 @@ CVE-2020-12802 (LibreOffice has a 'stealth mode' in which only documents from lo
- libreoffice 1:6.4.4-1 (low)
[buster] - libreoffice <ignored> (Minor issue)
[stretch] - libreoffice <ignored> (Minor issue)
- [jessie] - libreoffice <no-dsa> (Minor issue)
+ [jessie] - libreoffice <ignored> (Minor issue)
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802
CVE-2020-12801 (If LibreOffice has an encrypted document open and crashes, that docume ...)
- libreoffice 1:6.4.3-1 (low)
[buster] - libreoffice <ignored> (Minor issue)
[stretch] - libreoffice <ignored> (Minor issue)
- [jessie] - libreoffice <no-dsa> (Minor issue)
+ [jessie] - libreoffice <ignored> (Minor issue)
NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801
CVE-2020-12800 (The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1. ...)
NOT-FOR-US: drag-and-drop-multiple-file-upload-contact-form-7 plugin for WordPress
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e867cff7e2fc06dcb21ef4658c54cccaa467213f...8e4e4c7be229f6e0089bcfcfd3fc6451deab97b6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e867cff7e2fc06dcb21ef4658c54cccaa467213f...8e4e4c7be229f6e0089bcfcfd3fc6451deab97b6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220404/5cd2ad3c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list