I added a comment to the upstream bug report:
http://bugzilla.maptools.org/show_bug.cgi?id=2704#c14
--
Brian May
On 14/11/17 17:02, Moritz Mühlenhoff wrote:
> On Tue, Nov 14, 2017 at 04:48:48PM +0100, Raphael Hertzog wrote:
>> Package: libreoffice
>> Claimed-By: Emilio Pozuelo
>> Claimed-Date: 2017-05-31 17:29 (166 days ago)
>
> There's some data error, CVE-2017-12607 and CVE-2017-12608 were only
> disclosed
On Tue, Nov 14, 2017 at 04:48:48PM +0100, Raphael Hertzog wrote:
> Package: libreoffice
> Claimed-By: Emilio Pozuelo
> Claimed-Date: 2017-05-31 17:29 (166 days ago)
There's some data error, CVE-2017-12607 and CVE-2017-12608 were only
disclosed on Oct 27.
Cheers,
Moritz
Hello Emilio,
as the libreoffice entry is the oldest one without update[1] I decided
to take a look at the issues (even though it's assigned to you).
For CVE-2017-12607 I believe that wheezy is not affected as the patch
shown below merely ensures that nLevelAnz does not overflow nMaxPPTLevels (=
On 2017-11-14 08:58:33, Roberto C. Sánchez wrote:
> All,
>
> Some of the last few updates I have done have required building the
> package with ASAN in order to reproduce the bug and/or confirm the fix.
>
> After some searches did not come up with anything that captured the
> issues I have encounte
All,
Some of the last few updates I have done have required building the
package with ASAN in order to reproduce the bug and/or confirm the fix.
After some searches did not come up with anything that captured the
issues I have encountered, I have written up some notes [0] on building
packages wit
