Rebased ref, commits from common ancestor:
commit 96c2725f0fe57b897e5874312afee554eebb2e14
Author: Andras Timar <andras.ti...@collabora.com>
AuthorDate: Sat Apr 1 18:52:18 2023 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Apr 2 10:22:22 2023 +0200
Bump version to 6.4.7.2.M8
Change-Id: I10ed6218b601ae5fe2b2c4aaa183928f61ef0b86
diff --git a/configure.ac b/configure.ac
index 69c307106b92..562afd38e503 100644
--- a/configure.ac
+++ b/configure.ac
@@ -9,7 +9,7 @@ dnl in order to create a configure script.
# several non-alphanumeric characters, those are split off and used only for
the
# ABOUTBOXPRODUCTVERSIONSUFFIX in openoffice.lst. Why that is necessary, no
idea.
-AC_INIT([LibreOffice],[6.4.7.2.M7],[],[],[http://documentfoundation.org/])
+AC_INIT([LibreOffice],[6.4.7.2.M8],[],[],[http://documentfoundation.org/])
dnl libnumbertext needs autoconf 2.68, but that can pick up autoconf268 just
fine if it is installed
dnl whereas aclocal (as run by autogen.sh) insists on using autoconf and fails
hard
diff --git a/download.lst b/download.lst
index f89513e83607..e54532dad9f2 100644
--- a/download.lst
+++ b/download.lst
@@ -460,8 +460,8 @@ PAGEMAKER_TARBALL := libpagemaker-0.0.4.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
-PDFIUM_SHA256SUM :=
eb98a77eaaab9e9e8de541cfd18b9438dd3c538bd5ef163820353179727f5dc9
-PDFIUM_TARBALL := pdfium-4643.tar.bz2
+PDFIUM_SHA256SUM :=
eca406d47ac7e2a84dcc86f93c08f96e591d409589e881477fa75e488e4851d8
+PDFIUM_TARBALL := pdfium-4306.tar.bz2
# three static lines
# so that git cherry-pick
# will not run into conflicts
commit 3ff7fd68eeb2d71f8b971dbdbe742e78af1007e0
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Mon Mar 20 11:52:22 2023 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Apr 2 10:07:28 2023 +0200
curl: upgrade to release 8.0.0
Fixes CVE-2023-27535.
Also hopefully fixes excessive storage consumption during build:
o build: drop the use of XC_AMEND_DISTCLEAN [62]
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149153
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit bbe0d0534abe6480c4502ce8fb543a736d3399d8)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149105
Reviewed-by: Xisco Fauli <xiscofa...@libreoffice.org>
(cherry picked from commit 38b54a4d86e05bbbbdbf2a38771395579d1b005a)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149108
Tested-by: Xisco Fauli <xiscofa...@libreoffice.org>
(cherry picked from commit 383128f262ea7fef7b6e372dc364a32d6cb0a7da)
curl: upgrade to release 8.0.1
Apparently 8.0.0 had a serious regression.
Change-Id: Icc761f5e5e01b5d9bebecc13f7cba608f5834f54
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149204
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit e5005c76bd60a004f6025728e794ba3e4d0dfff1)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149112
Tested-by: László Németh <nem...@numbertext.org>
Reviewed-by: Xisco Fauli <xiscofa...@libreoffice.org>
(cherry picked from commit f2d935242665774f080bb13a2814988ad615f6e1)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149321
Tested-by: Michael Stahl <michael.st...@allotropia.de>
diff --git a/download.lst b/download.lst
index 0a212bda07d3..f89513e83607 100644
--- a/download.lst
+++ b/download.lst
@@ -71,8 +71,8 @@ CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
# three static lines
# so that git cherry-pick
# will not run into conflicts
-CURL_SHA256SUM :=
1dae31b2a7c1fe269de99c0c31bb488346aab3459b5ffca909d6938249ae415f
-CURL_TARBALL := curl-7.88.1.tar.xz
+CURL_SHA256SUM :=
0a381cd82f4d00a9a334438b8ca239afea5bfefcfa9a1025f2bf118e79e0b5f0
+CURL_TARBALL := curl-8.0.1.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
commit 5ef9098780898979d42c489662defb05b47d962d
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Thu Feb 23 15:31:02 2023 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Apr 2 10:07:28 2023 +0200
curl: upgrade to release 7.88.1
Fixes CVE-2023-23916, 2 CVEs that probably don't affect LO.
Reference: https://curl.se/docs/security.html
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147977
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 6074d16b8c631e679a67364837d4ca9799731152)
Change-Id: If9b3fc7c5ce66bfe1027caff39ea2c1cf55df7ad
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/148044
Tested-by: Michael Stahl <michael.st...@allotropia.de>
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
diff --git a/download.lst b/download.lst
index ffc4b986c2f0..0a212bda07d3 100644
--- a/download.lst
+++ b/download.lst
@@ -71,8 +71,8 @@ CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
# three static lines
# so that git cherry-pick
# will not run into conflicts
-CURL_SHA256SUM :=
ee5f1a1955b0ed413435ef79db28b834ea5f0fb7c8cfb1ce47175cc3bee08fff
-CURL_TARBALL := curl-7.87.0.tar.xz
+CURL_SHA256SUM :=
1dae31b2a7c1fe269de99c0c31bb488346aab3459b5ffca909d6938249ae415f
+CURL_TARBALL := curl-7.88.1.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
diff --git a/external/curl/curl-7.26.0_win-proxy.patch
b/external/curl/curl-7.26.0_win-proxy.patch
index 909ca38315a6..62016a70e8a0 100644
--- a/external/curl/curl-7.26.0_win-proxy.patch
+++ b/external/curl/curl-7.26.0_win-proxy.patch
@@ -44,7 +44,7 @@
/****************************************************************
* Detect what (if any) proxy to use. Remember that this selects a host
* name and is not limited to HTTP proxies only.
-@@ -4613,6 +4633,66 @@
+@@ -4613,6 +4633,67 @@
* For compatibility, the all-uppercase versions of these variables are
* checked if the lowercase versions don't exist.
*/
@@ -58,6 +58,7 @@
+ char *ieProxy;
+ char *ieNoProxy;
+ char *pos;
++ bool spacesp;
+
+ ieProxy = wstrToCstr(ieProxyConfig->lpszProxy);
+ ieNoProxy = wstrToCstr(ieProxyConfig->lpszProxyBypass);
@@ -72,7 +73,7 @@
+ }
+ }
+
-+ if(!Curl_check_noproxy(conn->host.name, no_proxy)) {
++ if(!Curl_check_noproxy(conn->host.name, no_proxy, &spacesp)) {
+ /* Look for the http proxy setting */
+ char *tok;
+ char *saveptr;
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index 2128849369e7..2e8766b3d45f 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,7 +1,7 @@
diff -ur curl.org/configure curl/configure
---- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
-+++ curl/configure 2016-03-13 15:16:44.132000076 +0100
-@@ -28230,7 +28230,12 @@
+--- curl.orig/configure 2023-02-20 16:11:55.000000000 +0900
++++ curl/configure 2023-02-23 15:40:58.617432471 +0900
+@@ -28675,7 +28675,12 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation
flags for NSS." >&2;}
addld="-L$OPT_NSS/lib"
commit 518401144a3e3fc6c82410537ce39e1433cd92ca
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Fri Dec 30 21:29:58 2022 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Apr 2 10:07:27 2023 +0200
curl: upgrade to release 7.87.0
Fixes CVE-2022-43551 and CVE-2022-43552.
https://curl.se/docs/CVE-2022-43551.html
https://curl.se/docs/CVE-2022-43552.html
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145116
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 181806115a694ade32c7bba1abd9aa931b1a93b9)
Change-Id: I979ed11c212aef226ad9f26420462e5f9dbe15e5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/148043
Tested-by: Michael Stahl <michael.st...@allotropia.de>
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
diff --git a/download.lst b/download.lst
index 31ca21a4aeac..ffc4b986c2f0 100644
--- a/download.lst
+++ b/download.lst
@@ -71,8 +71,8 @@ CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
# three static lines
# so that git cherry-pick
# will not run into conflicts
-CURL_SHA256SUM :=
2d61116e5f485581f6d59865377df4463f2e788677ac43222b496d4e49fb627b
-CURL_TARBALL := curl-7.86.0.tar.xz
+CURL_SHA256SUM :=
ee5f1a1955b0ed413435ef79db28b834ea5f0fb7c8cfb1ce47175cc3bee08fff
+CURL_TARBALL := curl-7.87.0.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
diff --git a/external/curl/curl-7.26.0_win-proxy.patch
b/external/curl/curl-7.26.0_win-proxy.patch
index 6fb20533e097..909ca38315a6 100644
--- a/external/curl/curl-7.26.0_win-proxy.patch
+++ b/external/curl/curl-7.26.0_win-proxy.patch
@@ -12,8 +12,8 @@
--- curl-7.26.0/lib/url.c
+++ misc/build/curl-7.26.0/lib/url.c
@@ -78,6 +78,10 @@
- bool Curl_win32_idn_to_ascii(const char *in, char **out);
- #endif /* USE_LIBIDN2 */
+
+ #include <limits.h>
+#ifdef _WIN32
+#include <WinHttp.h>
diff --git a/external/curl/curl-msvc-disable-protocols.patch.1
b/external/curl/curl-msvc-disable-protocols.patch.1
index 89c4ff576f85..71ff0c01a028 100644
--- a/external/curl/curl-msvc-disable-protocols.patch.1
+++ b/external/curl/curl-msvc-disable-protocols.patch.1
@@ -2,7 +2,7 @@ disable protocols nobody needs in MSVC build
--- curl/lib/config-win32.h.orig 2017-08-09 16:43:29.464000000 +0200
+++ curl/lib/config-win32.h 2017-08-09 16:47:38.549200000 +0200
-@@ -616,4 +616,20 @@
+@@ -654,4 +654,20 @@
# define ENABLE_IPV6 1
#endif
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index 5ef25748d7eb..2128849369e7 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,7 +1,7 @@
diff -ur curl.org/configure curl/configure
--- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
+++ curl/configure 2016-03-13 15:16:44.132000076 +0100
-@@ -27985,7 +27985,12 @@
+@@ -28230,7 +28230,12 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation
flags for NSS." >&2;}
addld="-L$OPT_NSS/lib"
diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0
index b8e242a3aaea..b4442ba262d1 100644
--- a/external/curl/zlib.patch.0
+++ b/external/curl/zlib.patch.0
@@ -1,6 +1,6 @@
--- configure
+++ configure
-@@ -22808,7 +22808,6 @@
+@@ -23035,7 +23035,6 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS
clean_LIBS=$LIBS
@@ -8,7 +8,7 @@
# Check whether --with-zlib was given.
if test ${with_zlib+y}
-@@ -22818,6 +22818,7 @@
+@@ -23045,6 +23044,7 @@
if test "$OPT_ZLIB" = "no" ; then
@@ -16,7 +16,7 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5
printf "%s\n" "$as_me: WARNING: zlib disabled" >&2;}
else
-@@ -22825,6 +825,21 @@
+@@ -23052,6 +23052,21 @@
OPT_ZLIB=""
fi
@@ -38,7 +38,7 @@
if test -z "$OPT_ZLIB" ; then
if test -n "$PKG_CONFIG"; then
-@@ -23120,6 +23120,7 @@
+@@ -23344,6 +23359,7 @@
printf "%s\n" "$as_me: found both libz and libz.h header" >&6;}
curl_zlib_msg="enabled"
fi
@@ -48,7 +48,7 @@
if test x"$AMFIXLIB" = x1; then
--- configure.ac
+++ configure.ac
-@@ -1222,19 +1222,30 @@
+@@ -1243,19 +1243,30 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS
clean_LIBS=$LIBS
@@ -80,7 +80,7 @@
if test -z "$OPT_ZLIB" ; then
CURL_CHECK_PKGCONFIG(zlib)
-@@ -1316,6 +1316,7 @@
+@@ -1336,6 +1347,7 @@
AC_MSG_NOTICE([found both libz and libz.h header])
curl_zlib_msg="enabled"
fi
commit 56a4c8b48403daae66ae5f88fbdabec19564d5f9
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Fri Feb 24 17:49:23 2023 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Apr 2 10:07:27 2023 +0200
postgresql: upgrade to release 13.10
Fixes CVE-2022-41862
Reference: https://www.postgresql.org/support/security/CVE-2022-41862/
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147834
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit efff34d7bdccf210a5e878bd9bc4d35ec72b71ab)
Change-Id: I6075838972fec1c091f3150b19c5da4dc80ad6d3
diff --git a/download.lst b/download.lst
index 3a094e76fcde..31ca21a4aeac 100644
--- a/download.lst
+++ b/download.lst
@@ -480,8 +480,8 @@ POPPLER_TARBALL := poppler-22.09.0.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
-POSTGRESQL_SHA256SUM :=
9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3
-POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2
+POSTGRESQL_SHA256SUM :=
5bbcf5a56d85c44f3a8b058fb46862ff49cbc91834d07e295d02e6de3c216df2
+POSTGRESQL_TARBALL := postgresql-13.10.tar.bz2
# three static lines
# so that git cherry-pick
# will not run into conflicts
commit c4182e108201085bc22be3200786f9a09c7768f6
Author: Eike Rathke <er...@redhat.com>
AuthorDate: Mon Feb 27 16:10:06 2023 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Apr 2 10:07:27 2023 +0200
Always push a result, even if it's only an error
PERCENTILE() and QUARTILE() if an error was passed as argument (or
an error encountered during obtaining arguments) omitted to push
an error result, only setting the error.
Fallout from
commit f336f63da900d76c2bf6e5690f1c8a7bd15a0aa2
CommitDate: Thu Mar 3 16:28:59 2016 +0000
tdf#94635 Add FORECAST.ETS functions to Calc
Change-Id: I23e276fb0ce735cfd6383cc963446499dcf819f4
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147922
Reviewed-by: Eike Rathke <er...@redhat.com>
Tested-by: Jenkins
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147959
Tested-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
diff --git a/sc/source/core/tool/interpr3.cxx b/sc/source/core/tool/interpr3.cxx
index f219beca9386..d442d4eee224 100644
--- a/sc/source/core/tool/interpr3.cxx
+++ b/sc/source/core/tool/interpr3.cxx
@@ -3474,7 +3474,7 @@ void ScInterpreter::ScPercentile( bool bInclusive )
GetNumberSequenceArray( 1, aArray, false );
if ( aArray.empty() || nGlobalError != FormulaError::NONE )
{
- SetError( FormulaError::NoValue );
+ PushNoValue();
return;
}
if ( bInclusive )
@@ -3497,7 +3497,7 @@ void ScInterpreter::ScQuartile( bool bInclusive )
GetNumberSequenceArray( 1, aArray, false );
if ( aArray.empty() || nGlobalError != FormulaError::NONE )
{
- SetError( FormulaError::NoValue );
+ PushNoValue();
return;
}
if ( bInclusive )
commit 97aa992614c3db522a5df847fd77f97c2776c0df
Author: Eike Rathke <er...@redhat.com>
AuthorDate: Mon Feb 27 23:14:01 2023 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sun Apr 2 10:07:27 2023 +0200
Underflow assert also in already calculated path
Change-Id: I7bd1c4960280a6526bb82e5b95c5253775df1e1a
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147937
Reviewed-by: Eike Rathke <er...@redhat.com>
Tested-by: Jenkins
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147958
Tested-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
diff --git a/sc/source/core/tool/interpr4.cxx b/sc/source/core/tool/interpr4.cxx
index 002c7de4c1da..170e60f6afca 100644
--- a/sc/source/core/tool/interpr4.cxx
+++ b/sc/source/core/tool/interpr4.cxx
@@ -3982,9 +3982,20 @@ StackVar ScInterpreter::Interpret()
(*aTokenMatrixMapIter).second->GetType() != svJumpMatrix)
{
// Path already calculated, reuse result.
- nStackBase = sp - pCur->GetParamCount();
- if ( nStackBase > sp )
- nStackBase = sp; // underflow?!?
+ if (sp >= pCur->GetParamCount())
+ nStackBase = sp - pCur->GetParamCount();
+ else
+ {
+ SAL_WARN("sc.core", "Stack anomaly with calculated path at "
+ << aPos.Tab() << "," << aPos.Col() << "," << aPos.Row()
+ << " " << aPos.Format(
+ ScRefFlags::VALID | ScRefFlags::FORCE_DOC |
ScRefFlags::TAB_3D, pDok)
+ << " eOp: " << static_cast<int>(eOp)
+ << " params: " <<
static_cast<int>(pCur->GetParamCount())
+ << " nStackBase: " << nStackBase << " sp: " << sp);
+ nStackBase = sp;
+ assert(!"underflow");
+ }
sp = nStackBase;
PushTokenRef( (*aTokenMatrixMapIter).second);
}
