[Git][security-tracker-team/security-tracker][master] Reserve DLA-3703-1 for libreoffice

Sun Dec 31 09:24:13 GMT 2023


Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7e32e992 by Bastien Roucariès at 2023-12-31T09:23:53+00:00
Reserve DLA-3703-1 for libreoffice

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -263960,19 +263960,16 @@ CVE-2020-12804
 	RESERVED
 CVE-2020-12803 (ODF documents can contain forms to be filled out by the user. Similar  ...)
 	- libreoffice 1:6.4.4-1 (low)
-	[buster] - libreoffice <ignored> (Minor issue)
 	[stretch] - libreoffice <ignored> (Minor issue)
 	[jessie] - libreoffice <ignored> (Minor issue)
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12803
 CVE-2020-12802 (LibreOffice has a 'stealth mode' in which only documents from location ...)
 	- libreoffice 1:6.4.4-1 (low)
-	[buster] - libreoffice <ignored> (Minor issue)
 	[stretch] - libreoffice <ignored> (Minor issue)
 	[jessie] - libreoffice <ignored> (Minor issue)
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802
 CVE-2020-12801 (If LibreOffice has an encrypted document open and crashes, that docume ...)
 	- libreoffice 1:6.4.3-1 (low)
-	[buster] - libreoffice <ignored> (Minor issue)
 	[stretch] - libreoffice <ignored> (Minor issue)
 	[jessie] - libreoffice <ignored> (Minor issue)
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[31 Dec 2023] DLA-3703-1 libreoffice - security update
+	{CVE-2020-12801 CVE-2020-12802 CVE-2020-12803 CVE-2023-6185 CVE-2023-6186}
+	[buster] - libreoffice 1:6.1.5-3+deb10u11
 [31 Dec 2023] DLA-3702-1 libspreadsheet-parseexcel-perl - security update
 	{CVE-2023-7101}
 	[buster] - libspreadsheet-parseexcel-perl 0.6500-1+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -109,9 +109,6 @@ kodi
   NOTE: 20231228: Added by Front-Desk (lamby)
   NOTE: 20231228: CVE-2021-42917 was postponed in 2021; fixed in bullseye via DSA or point release. (lamby)
 --
-libreoffice (rouca)
-  NOTE: 20231217: Added by Front-Desk (utkarsh)
---
 libreswan
   NOTE: 20230817: Added by Front-Desk (ta)
   NOTE: 20230909: Prepared a patch for CVE-2023-38712 and pushed it to



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e32e992c76e9f74f91e798c13ba224783d5e2f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e32e992c76e9f74f91e798c13ba224783d5e2f9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231231/3a2edb2a/attachment-0001.htm>
