--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-cf9ddf9fff
2019-02-08 02:28:54.738682
--------------------------------------------------------------------------------
Name : libreoffice
Product : Fedora 28
Version : 6.0.7.3
Release : 1.fc28
URL :
http://www.libreoffice.org/
Summary : Free Software Productivity Suite
Description :
LibreOffice is an Open Source, community-developed, office productivity suite.
It includes the key desktop applications, such as a word processor,
spreadsheet, presentation manager, formula editor and drawing program, with a
user interface and feature set similar to other office suites. Sophisticated
and flexible, LibreOffice also works transparently with a variety of file
formats, including Microsoft Office File Formats.
--------------------------------------------------------------------------------
Update Information:
CVE-2018-16858 Directory traversal flaw in script execution
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 3 2019 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.7.3-1
- Resolves: rhbz#1672002 CVE-2018-16858
* Tue Oct 30 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.2-4
- rhbz#1644232 silence annoying
'gtk_widget_queue_draw_area: assertion 'height >= 0' failed'
warning
* Sat Oct 27 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.2-3
- tdf#120376 fix duplicated styles on copy paste in draw
* Mon Oct 22 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.2-2
- fix inability to interact with chart sidebar
* Tue Aug 14 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.2-1
- latest version
* Tue Jul 31 2018 Florian Weimer <fweimer(a)redhat.com> - 1:6.0.6.1-7
- Rebuild with fixed binutils
* Thu Jul 26 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.1-6
- Related: rhbz#1602589 fix/silence more covscan warnings
* Fri Jul 20 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.1-5
- implement export of underline in outlined font for simple case
* Wed Jul 18 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.1-4
- Resolves: rhbz#1602589 fix covscan issues
* Tue Jul 17 2018 Eike Rathke <erack(a)redhat.com> - 1:6.0.6.1-3
- Upgrade to ICU 61.1
- Upgrade to ICU 62.1
* Tue Jul 17 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.1-2
- Resolves: rhbz#1601882 fails to build with --nocheck
* Tue Jul 17 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.6.1-1
- latest 6.0 release
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:6.0.5.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 10 2018 Pete Walter <pwalter(a)fedoraproject.org> - 1:6.0.5.2-2
- Rebuild for ICU 62
* Fri Jun 22 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.5.2-1
- latest 6.0 release
- fix for ICU 61
- fix for Python 3.7
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1:6.0.4.2-5
- Rebuilt for Python 3.7
* Tue Jun 5 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.4.2-4
- Resolves: rhbz#1581028 endless font widget update
* Tue Jun 5 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.4.2-3
- use weak deps for fedora only
* Mon May 28 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.4.2-2
- Resolves: rhbz#1582324 crash after merging writer table cells
* Fri May 25 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.4.2-1
- latest 6.0 release
* Wed May 9 2018 Stephan Bergmann <sbergman(a)redhat.com> - 1:6.0.3.2-10
- Fix a potential crash when using the dconf configuration backend
* Sat May 5 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-9
- tdf#117413 char doubling in calc under X
* Fri May 4 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-8
- rhbz#1575000 CVE-2018-10583 allow embedded links to smb resources
to be blocked
* Thu May 3 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-7
- rhbz#1573845 won't start without at least Langpack-en-US.xcd
* Mon Apr 30 2018 Pete Walter <pwalter(a)fedoraproject.org> - 1:6.0.3.2-6
- Rebuild for ICU 61.1
* Tue Apr 24 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-5
- Resolves: tdf#116951 rhbz#1569331 start is G_MAXINT
* Thu Apr 19 2018 Stephan Bergmann <sbergman(a)redhat.com> - 1:6.0.3.2-4
- Resolves: rhbz#1568579 LibreOffice --headless zombie process
- Related: rhbz#1569331 end should be in terms of unicode chars, not bytes
* Tue Apr 17 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-3
- Related: rhbz#1396729 use cairo_surface_create_similar
* Tue Apr 10 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-2
- finally drop bundled xmlsec1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672002 - CVE-2018-16858 libreoffice: Arbitrary python functions in arbitrary
modules on the filesystem can be executed without warning [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1672002
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-cf9ddf9fff' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------