[Git][security-tracker-team/security-tracker][master] CVE-2025-1080/libreoffice
Bastien Roucariès (@rouca)
rouca at debian.org
Sat Jun 14 10:15:37 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
54aab34d by Bastien Roucariès at 2025-06-14T11:13:21+02:00
CVE-2025-1080/libreoffice
Before tdf#100837 URL are not interpreted on command line
Version according to configure.ac version string of particular commit
For documentation purpose
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32312,6 +32312,7 @@ CVE-2025-1080 (LibreOffice supports Office URI Schemes to enable browser integra
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080
NOTE: https://gerrit.libreoffice.org/c/core/+/181016
NOTE: Fixed by: https://git.libreoffice.org/core/commit/7105fb698f897ddb38bd60315444c07356689e14
+ NOTE: Vulnerable logic (function CheckOfficeURI) introduced by: https://github.com/LibreOffice/core/commit/4311e8fb88c334cccad6f577610e1af8ae75bc59 (5.3.0.0.alpha0+)
CVE-2025-0958 (The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerab ...)
NOT-FOR-US: WordPress plugin
CVE-2025-0512 (The Structured Content (JSON-LD) #wpsc plugin for WordPress is vulnera ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54aab34d29dd7650e16ff307188df51f85d63f37
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54aab34d29dd7650e16ff307188df51f85d63f37
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250614/bda70d31/attachment.htm>
More information about the debian-security-tracker-commits
mailing list