*** This bug is a security vulnerability *** Public security bug reported:
CVE-2025-1080: Macro URL arbitrary script execution https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080/ https://gerrit.libreoffice.org/c/core/+/180970 https://ubuntu.com/security/CVE-2025-1080 * Oracular 24.10: Fix is included in 24.8.5 SRU - https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2098640 * Noble 24.04: Backport of patch to 24.2.7 required - ... * Jammy 22.04: Backport of patch to 7.3.7 required - ... * Focal 20.04: Backport of patch to 6.4.7 required - ... ** Affects: libreoffice (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: libreoffice (Ubuntu Focal) Importance: Undecided Status: New ** Affects: libreoffice (Ubuntu Jammy) Importance: Undecided Status: New ** Affects: libreoffice (Ubuntu Noble) Importance: Undecided Status: New ** Affects: libreoffice (Ubuntu Oracular) Importance: Undecided Status: New ** Affects: libreoffice (Ubuntu Plucky) Importance: Undecided Status: Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-1080 ** Also affects: libreoffice (Ubuntu Plucky) Importance: Undecided Status: New ** Also affects: libreoffice (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: libreoffice (Ubuntu Oracular) Importance: Undecided Status: New ** Also affects: libreoffice (Ubuntu Noble) Importance: Undecided Status: New ** Also affects: libreoffice (Ubuntu Jammy) Importance: Undecided Status: New ** Changed in: libreoffice (Ubuntu Plucky) Status: New => Fix Released ** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2100975 Title: CVE-2025-1080 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2100975/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
