Age | Commit message (Collapse) | Author | Files | Lines |
|
Notes:
ignore: aoo
|
|
Looks better and serves the same purpose.
Notes:
ignore: aoo
|
|
Using these in notable files, especially the LICENSE, NOTICE and
README files improves the visibility of the repository and provides a
good reference for developers that may be looking for updates.
Notes:
ignore: obsolete
|
|
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites,
CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next
OpenSSL release. Their potential impact is low enough that that
various Linux distros have chosen not to apply the upstream patches
to the versions that they distribute.
On Windows, there is an optional new dependency on NASM,
<http://www.nasm.us/>. If NASM is not available, then the C
implementations of the low-level crypto code will be used instead
of the optimized assembly language versions. Since OpenOffice is
not a heavy user of this code, the impact should be minor. If NASM
is installed, but its location is not in $PATH, the directory
containing nasm.exe should be passed to configure using --with-nasm-home.
The fallback to the C crypto implementation also happens on Linux
if the version of gcc is sufficently old to indicate that the
toolchain is likely to not support the some of the instructions in
the assembly language versions of the code.
Notes:
prefer: 7ecaf61287606001eac9b3d76df95a0a900e11c0
|
|
Upgrade bundled expat to version 2.2.0, which fixes:
CVE-2016-5300
CVE-2012-6702
It is not known whether these can be exploited when expat is used
as part of OpenOffice. All of input files to expat seem to come
from the OpenOffice source.
One patch is needed to the expat source, without which saxparser
crashes during the build. It has been submitted upstream, see
<https://sourceforge.net/p/expat/bugs/539/>. It is only triggered
when building expat with -DXML_UNICODE which is not the default,
but this flag is used when building the bundled expat.
Notes:
prefer: 4c28c8051ac99bd2a39ad06af35d87c2ddf2677e
|
|
Upgrade bundled curl to version 7.49.1.
Delete most of the curl patches since they are no longer necessary.
The only needed patch is to produce a library with the expected name
when building on Windows.
Update the curl copyright info in LICENSE.
These curl CVEs have been fixed since 7.19.7:
CVE-2010-0734
CVE-2011-2192
CVE-2013-2174
CVE-2014-3143
CVE-2014-3144
CVE-2014-3145
CVE-2014-3148
CVE-2014-8150
CVE-2015-3153
CVE-2016-0755
Whether any of these affect the OpenOffice usage of curl is not known.
OpenOffice only uses curl to access ftp:// URLs, which is likely to be
only rarely done.
Notes:
prefer: c772c8fd273d73af4734ce0ed1b4bb082dc1886c
|
|
The Hangul Word Processor filter was disabled from OpenOffice in
r1677190 due to security concerns. While some extra buffer controls
could have been made and the filter restored, the truth is a much
bigger effort is required to catch up with this format. Files created
with later editions of Hangul, including Hangul Wordian, Hangul 2002,
Hangul 2005 and Hangul 2007 cannot be opened with the existing filter.
Existing users can apparently download a free viewer and convert their
document to RTF or doc.
Drop completely the code. while here also drop remnants of wpd support
that we dropped since 3.4.1. Having less code is sometimes better.
Notes:
prefer: f974db5d89eacf0c23e303c22c62972014e9db16
|
|
Attempt to clean up most but certainly not all the spelling
mistakes that found home in OpenOffice through decades.
Did I mention this is more important than translating
German comments? ;)
Notes:
merged as: 4d878a080907211f827bdf42184e98075a4ad0f5
|
|
but keep the --without-stlport configure option for now
it is the new default anyway
Notes:
ignore: obsolete
|
|
Notes:
ignore: aoo
|
|
from the Apache Incubator
On October 18th, 2012 the Apache Software foundation announced that the
Apache OpenOffice project has graduated from the Apache Incubator
Notes:
ignore: aoo
|
|
Convert to UTF-8 encoding, fix line endings mixed up while copying and
pasting licenses.
Notes:
ignore: aoo
|
|
update license/notice boilerplate text
|
|
|
|
|
|
the FSF. Cleanup some stuff while here.
|
|
|
|
|
|
using (yet)
|
|
|