Dear Hans, I have to apologize myself for the late answer, I was quite busy at School. Anyway, I have not the skills to reproduce the bug, neither I have found any documentation about how to reproduce it.
I simply noticed the following announced updates: 1. fedora on 11/9/2014 pushed an update fedora libreoffice update against 4.2.6 <https://admin.fedoraproject.org/updates/FEDORA-2014-10732/libreoffice-4.2.6.3-3.fc20?_csrf_token=64d5a5974814b08b5ab603be5c3c633bdc612ee7> 2. opensuse on 15/9/2014 pushed an update opensuse libreoffice update <http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00018.html> 3. upstream libreoffice webpage <https://www.libreoffice.org/about-us/security/advisories/cve-2014-3575/> they all speak as the vulnerability is against libreoffice earlier than 4.2.5 and linux *any* This is the best evidence I can produce. I hope this mail to have been usefull, and forgive my bad english :). Best regards Tiziano 2014-10-18 15:59 GMT+02:00 Hans Joachim Desserud <1380...@bugs.launchpad.net >: > Thanks for taking your time to report this issue and help making Ubuntu > better. > > I searched the Ubuntu CVE tracker, and it claims that this issue does > not apply to Ubuntu (http://people.canonical.com/~ubuntu- > security/cve/2014/CVE-2014-3575.html). I am not familiar with this issue > though, so it would be nice if we could get a comment from someone who > are. > > ** CVE added: http://www.cve.mitre.org/cgi- > bin/cvename.cgi?name=2014-3575 > > -- > You received this bug notification because you are subscribed to the bug > report. > https://bugs.launchpad.net/bugs/1380711 > > Title: > security CVE 2014-3575 > > Status in "libreoffice" package in Ubuntu: > New > > Bug description: > dear mantainers, as you can see here > http://www.securitytracker.com/id/1030804, libreoffice earlier than > 4.2.6 secfix1 is vulnerable, as apache openoffice earlier than 4.1.1 > to CVE 2014-3575, if i understan correctly the report. > > thank's for you work. > best regards > Tiziano Casavecchia > > To manage notifications about this bug go to: > > https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1380711/+subscriptions > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1380711 Title: security CVE 2014-3575 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1380711/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
