Age | Commit message (Collapse) | Author | Files | Lines |
|
Fixes CVE-2018-6942.
Remove freetype-msvc-disable-sse2.patch.1 (doesn't apply and freetype is
only used on Android).
Change-Id: Ia89329f758a077c1493cdea45f99e5f58d1ef265
Reviewed-on: https://gerrit.libreoffice.org/68087
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Change-Id: I3d12b7307ad61f7fa73b19ff9ce7f82aebe3b162
Reviewed-on: https://gerrit.libreoffice.org/75758
Tested-by: Jenkins
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Fixes CVE-2020-6829, CVE-2020-12400 CVE-2020-12401 CVE-2020-12403.
(also CVE-2020-12402 CVE-2020-12399 in older releases since 3.47)
* external/nss/nss.nspr-parallel-win-debug_build.patch:
remove, merged upstream
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100345
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 495a5944a3d442cfe748a3bb0dcef76f6a961d30)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100420
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit 227d30a3a17f2fffb1a166cdc3e2a796bb335214)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100590
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 94cecbfdf3cf01fe3d5658c7edf78696da2a249f)
Change-Id: I8b48e25ce68a2327cde1420abdaea8f9e51a7888
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100864
Tested-by: Michael Stahl <michael.stahl@cib.de>
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100903
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Since NSS 3.53, the Makefile based build should be fixed (upstream
bug 290526). The only missing patch is a minimal NSPR fix for the
"NSPR, configure + make, parallel, Windows, MS VS, debug" build.
That patch isn't incuded in the NSPR 4.25 release (but it's already
in the mercurial repo for NSPR 4.26).
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/95218
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de>
(cherry picked from commit b56e8d6def26a0430853835e997f1be841840a61)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100419
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit c1bce55faebd9ad8751d7b6b9a7f77dff7b3d507)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100589
(cherry picked from commit 3e4dbb1708d4b3b7619602b63602b884a7bb2caa)
Change-Id: I8eaa3792a12bdff734e56ac3f552991478957e23
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100863
Tested-by: Michael Stahl <michael.stahl@cib.de>
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100902
Tested-by: Andras Timar <andras.timar@collabora.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Fixes CVE-2020-8169, and about 3 other ones that don't affect LO/libcmis.
Disable new optional dependencies "ngtcp2" and "quiche".
Change-Id: I595ed909c4e792ac3244643511a338b117e7f102
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97406
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit cb0c7e26e5708010b1fe941ae2f66134f31ed876)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97386
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit 43130216127913d30074d3fe99c5706dcce44dee)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97572
Tested-by: Michael Stahl <michael.stahl@cib.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100904
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Fixes CVE-2018-3081 CVE-2020-2574 CVE-2020-2752 CVE-2020-2922 CVE-2020-13249
Remove obsolete patches:
* mariadb-msvc.patch.1
* mariadb-swap.patch
* mariadb-inline.patch.1
* mariadb-CONC-104.patch.1
Don't build anything from plugins/ in the hope that it's not needed.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96466
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit fe041bbc343ee08c6e901f63985d55a90da71c8b)
mariadb: forgot to adapt flatpak-manifest.in
mariadb: the "pvio_socket" plugin turns out to be important
... otherwise can't connect to a TCP socket.
(regression from fe041bbc343ee08c6e901f63985d55a90da71c8b)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96536
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 82a1650683df7d5c1769dfd68a26a4d071f1a546)
Change-Id: I1c8633866b7108a8bb22dae0e0dd5f4a44bf5150
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96519
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96984
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
This new version speeds up cache initialization.
For the Android Viewer case, this significantly decreases the
time between the user selecting the first document
after app installation and the point in time it actually shows up
(e.g. from about 2 minutes to about 10 seconds on my Samsung
Galaxy S4).
Note: fontconfig 2.13.92 had issues and did not work properly
when quickly testing with Android Viewer, showed e.g. this line in
'adb logcat' output and crashed when opening a document with Asian
characters
stderr : Fontconfig error: Cannot load config file from /data/user/0/<APP_ID>/etc/fonts/fonts.conf
So, go with version 2.13.91 for now.
This should probably also allow dropping the current workarounds
related to slow fontconfig cache initialization for the online-based
Android app, but unfortunately my builds of that app never
succeeded in properly loading/rendering any document, so I won't
touch that one for now...
tarball available for download at
https://www.freedesktop.org/software/fontconfig/release/fontconfig-2.13.91.tar.gz
Change-Id: I22c8d6de58ac9425931f884aab75841ccea0494a
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90095
Tested-by: Jenkins
Reviewed-by: Michael Weghorn <m.weghorn@posteo.de>
(cherry picked from commit adbc858dd476651ac79300aaae25cf82e848cb69)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96874
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
|
|
Fixes CVE-2019-11745.
Remove nss.fix-freebl-add-lcc-support.patch.1, fixed upstream.
Reviewed-on: https://gerrit.libreoffice.org/83673
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit a6238c3fba80889f9090d997e2a4979b78b34ac7)
Change-Id: I72e35c90fabb0a83f547a787dbaee774e35f9c08
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94379
Tested-by: Andras Timar <andras.timar@collabora.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Fixes CVE-2019-18197.
Remove obsolete e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1.
Change-Id: I95cf498e245083528f98bfef8cdd240bbe2211b9
Reviewed-on: https://gerrit.libreoffice.org/83312
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit e9ea24cc004a8b9a5856f2f268bd40433c504db1)
Reviewed-on: https://gerrit.libreoffice.org/83378
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94382
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
fixes CVE-2019-9903 CVE-2019-9631 CVE-2019-9545 CVE-2019-9543
CVE-2019-14494 CVE-2019-12293 CVE-2019-11026 CVE-2019-10873
CVE-2019-10872 CVE-2019-10871 CVE-2019-10018
remove obsolete 0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1
Reviewed-on: https://gerrit.libreoffice.org/83308
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 28e52c49452320ac76489d0f93ca5692456e5331)
Reviewed-on: https://gerrit.libreoffice.org/83336
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit f3b2d61376c6d7ae262f58406d89ef0caa8b0aaf)
Change-Id: I72b3bf89b294ed3e24157c7e75fd58d4f68d9f35
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94381
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
... which is, surprisingly enough, required to build the latest libxslt.
Reviewed-on: https://gerrit.libreoffice.org/83311
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit d1bf39a78ed239d4493f0470ca937852265e79d6)
Reviewed-on: https://gerrit.libreoffice.org/83347
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit e9dc4662d4ba3bde91407911f1bc1a7aa25fa0ce)
Change-Id: Ifbb36ed61b8f68185f9c788f63a8edeb58899f94
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94378
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Meant to fix the build problems reported in the mail thread starting at
<https://lists.freedesktop.org/archives/libreoffice/2019-March/082340.html>
"Build failure with latest ICU 64.1".
(cherry picked from commit 75e3e7f2890438aadab28964c207f5308b7ffd4f)
[ Backport note: this is meant to fix Pranam's build problems. ]
Change-Id: I006b92f4737f5e56e50527dd954e8c0d339e75dc
Reviewed-on: https://gerrit.libreoffice.org/84651
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
Change-Id: Ideb980a07632e75e2bc7fffa851b8419e727c13b
Reviewed-on: https://gerrit.libreoffice.org/80357
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Change-Id: Ib05a6d6418563fd9333821594f0aca5ab724f3e8
Reviewed-on: https://gerrit.libreoffice.org/79099
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Change-Id: Ia98c9718ccd8e18b5f56851027bde944164f05c4
Reviewed-on: https://gerrit.libreoffice.org/78983
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Change-Id: I4eb115c7c085b325370e9cd8f80e1b03f16f5033
Reviewed-on: https://gerrit.libreoffice.org/77640
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
Reviewed-on: https://gerrit.libreoffice.org/77885
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/78426
Tested-by: Andras Timar <andras.timar@collabora.com>
|
|
Change-Id: Ibb45a473f49a9ba8f9cf53593dead375ac8a1951
Reviewed-on: https://gerrit.libreoffice.org/77639
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
Reviewed-on: https://gerrit.libreoffice.org/77884
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/78425
Tested-by: Andras Timar <andras.timar@collabora.com>
|
|
Fixes CVE-2019-11729 CVE-2019-11719 CVE-2019-11727, and the less
important CVE-2018-12384 and CVE-2018-12404 from intermediate releases.
Since NSS 3.44 it's possible to build as static libraries and for iOS;
drop the nss-chromium-nss-static.patch and nss-more-static.patch and
hope that it works.
Drop one hunk from nss.patch that looks fixed upstream.
Change-Id: I7f37ac36f7f8dfd49d0bfb4a6185ca49d4f618a3
Reviewed-on: https://gerrit.libreoffice.org/75344
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 6efc8a33f69bc7f4be45b7b81f67cd74c163b99e)
Reviewed-on: https://gerrit.libreoffice.org/75353
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit 5da0fee0b4babd1603f0c98f132881a0d985dddb)
Reviewed-on: https://gerrit.libreoffice.org/76925
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
|
|
Change-Id: I3da50fd5463b532acea3ebd683a79701ccbfcda1
|
|
(cherry picked from commit 21dc27ab7834fe4d5783a9f4bd412c08cacc26b4)
Change-Id: I666665c801367ff760b14b9f474952e9894b4791
|
|
Change-Id: Idff367c5974eadaaf69896177cb3f2c7b792715c
|
|
Change-Id: I6c08476710ab541ff9b9407f5d874dbb038990df
|
|
Fixes CVE-2019-5435. It looks like this is not a problem on 32-bit
Windows because fortunately we don't use /LARGEADDRESSAWARE flag
to set IMAGE_FILE_LARGE_ADDRESS_AWARE... but on 32-bit Linux
the user-space VM is 3GB so an exploit might be possible.
Apparently there's no code in LO that uses the CURLU_URLENCODE flag.
The other one, CVE-2019-5436, doesn't matter because we disable tftp.
Change-Id: I0d4f087befa5a3c4fb21ec36761dad68932425d9
Reviewed-on: https://gerrit.libreoffice.org/72732
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit edb01616ac176401650c35d938c75c6c5558a47e)
Reviewed-on: https://gerrit.libreoffice.org/72775
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
https://github.com/anholt/libepoxy/issues/180 sounds very similar and
1.5.3 apparently fixes that
Change-Id: I009f5bc82f9e8326a7028ed29d86733cce649d15
Reviewed-on: https://gerrit.libreoffice.org/71750
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Jenkins
|
|
Fixes CVE-2019-7317.
Change-Id: I3374f5cbd6552e2c1569d63ee680d0c1d9389621
Reviewed-on: https://gerrit.libreoffice.org/71663
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit e2abbc0062398ea67cb13cb5b0b7bfdce78e652c)
Reviewed-on: https://gerrit.libreoffice.org/71668
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I4713b15061e831e1dfeccf8d59e46c0aa2ac4a18
Reviewed-on: https://gerrit.libreoffice.org/70351
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
(cherry picked from commit 86015855a98795d00a28f1bb65c41df947563d66)
Reviewed-on: https://gerrit.libreoffice.org/70354
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
|
|
Fixes CVE-2019-9636 CVE-2019-5010 CVE-2018-14647
Change-Id: If0a115960aed1ee90b63e6716c844669f0ec91e5
Reviewed-on: https://gerrit.libreoffice.org/70182
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 3c7354a85a9bd47a2676aadaad2f6622fe2d959c)
Reviewed-on: https://gerrit.libreoffice.org/70192
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Fixes CVE-2019-7310.
Add patch to fix CVE-2019-9200 too.
CVE-2018-20662 looks irrelevant because we don't build pdfunite tool.
Reviewed-on: https://gerrit.libreoffice.org/69094
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit f9b354784faf65ecc8024cf6d7d7aaf589f6d91f)
Change-Id: I5e7ddabbb341f6bfefb376d552b50c4006f41906
Reviewed-on: https://gerrit.libreoffice.org/69102
Tested-by: Jenkins
Reviewed-by: Michael Weghorn <m.weghorn@posteo.de>
|
|
Fixes CVE-2019-1559, plus a couple low-severity CVEs.
Change-Id: Icb6849ca5f33cb1169ce303505b2e32636e3b25b
Reviewed-on: https://gerrit.libreoffice.org/68430
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit e3b6c3ec9fd795601b0749675903fb49c72718fd)
Reviewed-on: https://gerrit.libreoffice.org/68440
Reviewed-by: Michael Weghorn <m.weghorn@posteo.de>
|
|
This fixes some minor CVEs.
Not including the fix for CVE-2018-18064, which does not affect LO
because we use the default implementation of FT_Memory which uses
free/malloc.
Change-Id: Ic047ed52cff3fdeba068f1b8d303c6c96c69addd
Reviewed-on: https://gerrit.libreoffice.org/68088
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit caeaa7b90e42c60ec407e1f0cd5b5db2b30f55d2)
Reviewed-on: https://gerrit.libreoffice.org/68215
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Fixes CVE-2017-15232, which looks rather minor.
Change-Id: Icffb0c5160bef79577431a02eb10ed9492e01d11
Reviewed-on: https://gerrit.libreoffice.org/68091
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit e0b96b9863ebe52c4e35c21b3084da9e53ebee1f)
Reviewed-on: https://gerrit.libreoffice.org/68108
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Apple can't afford the costly GPG licenses to sign releases apparently,
but the sha256 matches some OpenWRT and FreshPorts repos...
Fixes CVE-2015-7988.
Removing windows build patches, fixed upstream (except for the last hunk
of the SOCKET patch, but that is in code that is only used on MacOSX).
Change-Id: I9fdba5929badb75f995c66da0850d188780e7beb
Reviewed-on: https://gerrit.libreoffice.org/68092
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 3a85c2db176db708c0ff9401c40858eb60e80f1e)
Reviewed-on: https://gerrit.libreoffice.org/68113
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
fixes CVE-2018-16890 and CVE-2019-3822
Change-Id: I4c0021a5002590659cbfbdf642a7704a05309bf2
Reviewed-on: https://gerrit.libreoffice.org/67444
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 6ac54b9c8bce9425d3415d1e9bd8da318c44ed47)
Reviewed-on: https://gerrit.libreoffice.org/67447
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
...from <https://github.com/ivmai/libatomic_ops/wiki/Download>. (The md5sum
given there is 99128f05e3e3f4e0cd39aa23f23bbe0c.)
The old version of external/libatomic_ops failed to build at least when building
a Flatpak for aarch64, see
<https://flathub.org/builds/#/builders/39/builds/702/steps/5/logs/stdio>:
[...]
> Making all in src
> Making all in atomic_ops
> Making all in sysdeps
> In file included from atomic_ops_stack.h:32,
> from atomic_ops_malloc.c:20:
> atomic_ops.h:343:4: error: #error Cannot implement AO_compare_and_swap_full on this architecture.
> # error Cannot implement AO_compare_and_swap_full on this architecture.
> ^~~~~
> atomic_ops.c:97:1: error: unknown type name ‘AO_TS_t’; did you mean ‘AO_TS_T’?
> AO_TS_t AO_locks[AO_HASH_SIZE] = {
> ^~~~~~~
> AO_TS_T
[...]
(cf. <https://github.com/flathub/org.libreoffice.LibreOffice/pull/67/commits/
48b22dbabc06f1822df74f755096cf0ea5ba2499> "Upgrade libatomic_ops to latest
libatomic_ops-7.6.8.tar.gz")
Change-Id: Icc040cc47f45f71577995a2ff9c63df97150bdea
Reviewed-on: https://gerrit.libreoffice.org/66983
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 6584a5d9d1bb3e9b00e529358c989e8485071e36)
Reviewed-on: https://gerrit.libreoffice.org/67006
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Change-Id: I6cdfc50b2385c426e20ce0e9b216b18c763249b8
Reviewed-on: https://gerrit.libreoffice.org/66508
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
|
|
Reviewed-on: https://gerrit.libreoffice.org/66306
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 0609ea4fc27f34367716bf41c0cdaa7785aed9da)
Change-Id: If20998f8565b5534a96b3f29ccec572273edca1d
Reviewed-on: https://gerrit.libreoffice.org/66368
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
... at least, that's the plan - this is harder than it appears, as the
upstream maintainer appears to have released version 2.9 at least 3
times:
- Fedora has a file evidently downloaded before Nov. 17 with SHA512 of e30ad5a9a1ab9e7aaace9431434caa19a5ff6143db46644aba971a5ee37a265b26bf738e886d766405a7eb45a9d620d67c7ab3684ace86a107cf5a76642c04a5
- Gentoo has a file evidently downloaded before Nov. 19 with SHA256 of d4ad6f8718f7f9dc8b2a3276c9f237aa3f5eccdcf98b86dedc4262d8a1e7f009
- Debian has a file evidently downloaded before Dec. 17 with SHA256 of 48c6fdf98396fa245ed86e622028caf49b96fa22f3e5734f853f806fbc8e7d20
The lcms2-2.9.tar.gz available from sourceforge currently matches the
one Debian has, so let's use it.
* 0017-Upgrade-Visual-studio-2017-15.8.patch added (fixing CVE-2018-16435)
* 0001-Added-an-extra-check-to-MLU-bounds.patch.1 removed (fixed upstream)
Change-Id: Iab8dada8f6d77d5b2da8560993380b3332bc02f6
Reviewed-on: https://gerrit.libreoffice.org/66400
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 99b20e589e64fbcf374d84ae68911ef2a96e537c)
Reviewed-on: https://gerrit.libreoffice.org/66427
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
fixes CVE-2018-16840
Change-Id: Ica995a28a71eb5d5277d045d57fee9ba0f88883f
Reviewed-on: https://gerrit.libreoffice.org/66328
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 5e96a5c664aea950111199e56bda412512a849b0)
Reviewed-on: https://gerrit.libreoffice.org/66359
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Ifc64dae74df341e107857e43223ead04b9c1061e
Reviewed-on: https://gerrit.libreoffice.org/66309
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit 3f720ac5ff65ddb2c0a06e48d0e2e9bec29f3a43)
Reviewed-on: https://gerrit.libreoffice.org/66358
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
* fixes CVE-2018-14404
* drop one hunk from libxml2-android.patch that was added in commit
6a17d2f2ba7acfec277314b97b50e41532d6b44d; presumably nan() exists now
given that other code is calling it.
Change-Id: I696cc4e1da55536ea1c89a6e0446ce5bc8398ba4
Reviewed-on: https://gerrit.libreoffice.org/66308
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit beea5852720b22043aefcd1e6b7243c202b40601)
Reviewed-on: https://gerrit.libreoffice.org/66357
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: Ib29e1a622e25731731512a695443ac2c530d30c2
Reviewed-on: https://gerrit.libreoffice.org/65701
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit c6e73f3e5bfd5b1cca94f985b5299857d0238ae3)
Reviewed-on: https://gerrit.libreoffice.org/65712
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I01454cc35baf96743bd19e64dd3a7269c58621bf
Reviewed-on: https://gerrit.libreoffice.org/65715
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit a8965ebc1b29ba578fc3e9cd6915e85e807d9fd6)
Reviewed-on: https://gerrit.libreoffice.org/65726
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: Idda6c0ce0c087a3be2e7fe31999a7d5a6fde4835
Reviewed-on: https://gerrit.libreoffice.org/65725
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit 6aaed7c5165ea87c3a263fd9582c97892345120f)
Reviewed-on: https://gerrit.libreoffice.org/65735
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Reviewed-on: https://gerrit.libreoffice.org/65714
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit 87742f16e2d3f1c58534508b724268b9ce675c8e)
Change-Id: I68e3791f50b95956bfe6aae743978994a5f232b4
Reviewed-on: https://gerrit.libreoffice.org/65719
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: Iac2c3f75eda07b7381e57dba389c9836ab26502f
Reviewed-on: https://gerrit.libreoffice.org/65781
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit 927c42e080221c833fd418e9cfd6d18acc7d63c0)
Reviewed-on: https://gerrit.libreoffice.org/65803
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Reviewed-on: https://gerrit.libreoffice.org/65646
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit b3c7bf54b56441441f88bf906f6d01cc522ffd3c)
Change-Id: I0a7e888af770a332e2fec057507eecebf83621c4
Reviewed-on: https://gerrit.libreoffice.org/65689
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Liberation updated from 2.00.1 to 2.00.4 and
Liberation-Narrow from 1.07.4 to 1.07.6
Change-Id: I295f82d5b8230cdf8b3347491dd71c8689636d94
Reviewed-on: https://gerrit.libreoffice.org/65273
Tested-by: Jenkins
Reviewed-by: Heiko Tietze <tietze.heiko@gmail.com>
(cherry picked from commit 9eacb42ca081302faa62ac0f8c0af0adfa0e920b)
Reviewed-on: https://gerrit.libreoffice.org/65297
|
|
...which is the latest 9.2.x currently listed at
<https://www.postgresql.org/ftp/source/>. 9.2.1 doesn't build against
OpenSSL 1.1 which dropped SSL_library_init (cf. <https://wiki.openssl.org/
index.php/Library_Initialization#libssl_Initialization>), and 9.2.24 apparently
has that covered. (Ran into this when trying to upgrade the LibreOffice flatpak
build to org.freedesktop.Sdk//18.08, which has OpenSSL 1.1.)
On Windows, the new tarball as-is fails with
> ..\..\port\chklocale.c(214): error C2037: left of 'lc_codepage' specifies undefined struct/union '__crt_locale_data'
because at least in Windows Kits/10/Include/10.0.17763.0/ucrt/corecrt.h
(included from Windows Kits/10/Include/10.0.17763.0/ucrt/locale.h), the relevant
definitions are now
> typedef struct __crt_locale_data_public
> {
> unsigned short const* _locale_pctype;
> _Field_range_(1, 2) int _locale_mb_cur_max;
> unsigned int _locale_lc_codepage;
> } __crt_locale_data_public;
>
> typedef struct __crt_locale_pointers
> {
> struct __crt_locale_data* locinfo;
> struct __crt_multibyte_data* mbcinfo;
> } __crt_locale_pointers;
>
> typedef __crt_locale_pointers* _locale_t;
which presumably has changed from a past state where that lc_codepage member was
directly publicly accessible.
<https://dev-www.libreoffice.org/src/postgresql-9.2.24.tar.bz2> is a copy of
<https://ftp.postgresql.org/pub/source/v9.2.24/postgresql-9.2.24.tar.bz2>;
`sha256sum postgresql-9.2.24.tar.bz2` reports the same
a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126 as recorded in
<https://ftp.postgresql.org/pub/source/v9.2.24/postgresql-9.2.24.tar.bz2.sha256>
Change-Id: I196dd93aa03471042efba57ea639e1bb6655de98
Reviewed-on: https://gerrit.libreoffice.org/64730
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit a01ac385ed16fbe4239938c9d31462691707e87b)
Reviewed-on: https://gerrit.libreoffice.org/64764
|
|
Change-Id: Ia8d1f4831e651b3a8d5115f78e5a5239b56c71c4
Reviewed-on: https://gerrit.libreoffice.org/63015
Tested-by: Jenkins
Reviewed-by: László Németh <nemeth@numbertext.org>
|
|
Change-Id: I26f06c230533ed72c2b60ce5c9230bbd0a0db2e4
Reviewed-on: https://gerrit.libreoffice.org/62679
Tested-by: Jenkins
Reviewed-by: Kohei Yoshida <libreoffice@kohei.us>
|