summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Bump version to 6.2-34cp-6.2-34co-6.2-34Andras Timar2021-12-061-1/+1
| | | | Change-Id: If492b3bcc55660dc24be24c537584f388d8a50da
* nss: upgrade to release 3.73Michael Stahl2021-12-035-34/+8
| | | | | | | | | | | | | | | | | | | | | Fixes: CVE-2021-43527 Memory corruption via DER-encoded DSA and RSA-PSS signatures Includes: nss: upgrade to release 3.71 * external/nss/nss.getopt.patch.0: fixed upstream * external/nss/nss-win-arm64.patch: fixed upstream * external/nss/nss_macosx.patch: one hunk was fixed upstream Conflicts: download.lst Reviewed-on: https://gerrit.libreoffice.org/c/core/+/126218 Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de> Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit c8e21d246bcb4289cb25c82be440cd07b7418436) Change-Id: I5c3f169c57fc2763029b07ad7e325b2f53b7e28f
* hdiutil flatten/unflatten was removed in macOS 11Andras Timar2021-10-231-1/+1
| | | | Change-Id: If5a1a70f8a7428d81668704f93fa7a1f45058b68
* Build with newer macOS SDKcp-6.2-33co-6.2-33Andras Timar2021-10-191-42/+78
| | | | Change-Id: I5181b2f08c297566a266b360c27ee9d21f6c67b2
* Bump version to 6.2-33Andras Timar2021-10-191-1/+1
| | | | Change-Id: I003658766ec3cdd56363092c11692c3ce159f9ff
* xmlsecurity: add tests for multiple X509Data/X509CertificateMichael Stahl2021-10-196-0/+111
| | | | Change-Id: If50ae8156f81c1053aa8fbfc3148da64bb8e1442
* xmlsecurity: add test for timestampsMichael Stahl2021-10-192-0/+24
| | | | Change-Id: I6ce64ca7c59639684779144ed0ed8d36c4aca32b
* xmlsec: fix signing documents on WNTMichael Stahl2021-10-192-0/+69
| | | | | | | | | | | | | | | | | | | | Duplicate ds:X509Certificate elements cause: warn:xmlsecurity.comp:9604:3820:xmlsecurity/source/helper/xmlsignaturehelper.cxx:658: X509Data do not form a chain: certificate in cycle: (regression from 5af5ea893bcb8a8eb472ac11133da10e5a604e66) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113746 Tested-by: Mike Kaganski <mike.kaganski@collabora.com> Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit ae08aa8a095832ae2a88eac14f9680ac8d3a13b6) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113752 Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit 0ab3a264ba8d732cffa42a069c9aa50dab44e99f) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113754 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Change-Id: I3d319a2f74dbec17b73f1c7bb8f4efe4e335f0ac
* xmlsecurity: replace OOXMLSecParser implementationMichael Stahl2021-10-193-234/+1314
| | | | | | | | | | | | | This is similar to 12b15be8f4f930a04d8056b9219ac969b42a9784 and following commits, but OOXMLSecParser has some differences to XSecParser, such as using a ds:Manifest, and requires a couple extra namespaces. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113381 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com> (cherry picked from commit cc1d19f7bbaefa5fb22ebd1344112755068b93c9) Change-Id: I56e39d9609db8fcad50ca1632ff482c1f0a30ff5
* xmlsecurity: improve handling of multiple X509Data elementsMichael Stahl2021-10-1922-211/+682
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Combine everything related to a certificate in a new struct X509Data. The CertDigest is not actually written in the X509Data element but in xades:Cert, so try to find the matching entry in XSecController::setX509CertDigest(). There was a confusing interaction with PGP signatures, where ouGpgKeyID was used for import, but export wrote the value from ouCertDigest instead - this needed fixing. The main point of this is enforcing a constraint from xmldsig-core 4.5.4: All certificates appearing in an X509Data element MUST relate to the validation key by either containing it or being part of a certification chain that terminates in a certificate containing the validation key. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111254 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 9e82509b09f5fe2eb77bcdb8fd193c71923abb67) xmlsecurity: improve handling of multiple certificates per X509Data It turns out that an X509Data element can contain an arbitrary number of each of its child elements. How exactly certificates of an issuer chain may or should be distributed across multiple X509Data elements isn't terribly obvious. One thing that is clear is that any element that refers to or contains one particular certificate has to be a child of the same X509Data element, although in no particular order, so try to match the 2 such elements that the parser supports in XSecController::setX509Data(). Presumably the only way it makes sense to have multiple signing certificates is if they all contain the same key but are signed by different CAs. This case isn't handled currently; CheckX509Data() will complain there's not a single chain and validation of the certificates will fail. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111500 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 5af5ea893bcb8a8eb472ac11133da10e5a604e66) xmlsecurity: add EqualDistinguishedNames() Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111545 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 1d3da3486d827dd5e7a3bf1c7a533f5aa9860e42) xmlsecurity: avoid exception in DigitalSignaturesDialog::getCertificate() Fallback to PGP if there's no X509 signing certificate because CheckX509Data() failed prevents the dialog from popping up. To avoid confusing the user in this situation, the dialog should show no certificate, which is already the case. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111664 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 90b725675c2964f4a151d802d9afedd8bc2ae1a7) xmlsecurity: fix crash in DocumentDigitalSignatures::isAuthorTrusted() If the argument is null. This function also should use EqualDistinguishedNames(). Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111667 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit ca98e505cd69bf95d8ddb9387cf3f8e03ae4577d) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111910 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit a1cf770c2d7ca3e153e0b1f01ddcc313bc2bed7f) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113058 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> Change-Id: I9633a980b0c18d58dfce24fc59396a833498a77d
* xmlsecurity: ignore elements in ds:Object that aren't signedMichael Stahl2021-10-194-90/+221
| | | | | | | | | | | Change-Id: I2e4411f0907b89e7ad6e0185cee8f12b600515e8 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111253 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 2bfa00e6bf4b2a310a8b8f5060acec85b5f7a3ce) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111909 Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 94ce59dd02fcfcaa1eb4f195b45a9a2edbd58242)
* xmlsecurity: XSecParser confused about multiple timestampsMichael Stahl2021-10-198-80/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | LO writes timestamp both to dc:date and xades:SigningTime elements. The parser tries to avoid reading multiple dc:date, preferring the first one, but doesn't care about multiple xades:SigningTime, for undocumented reasons. Ideally something should check all read values for consistency. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111160 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 4ab8d9c09a5873ca0aea56dafa1ab34758d52ef7) xmlsecurity: remove XSecController::setPropertyId() Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111252 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit d2a345e1163616fe3201ef1d6c758e2e819214e0) Change-Id: Ic018ee89797a1c8a4f870ae102af48006de930ef Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111908 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit abe77c4fcb9ea97d9fff07eaea6d8863bcba5b02)
* xmlsecurity: replace XSecParser implementationMichael Stahl2021-10-198-358/+1404
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implement Namespaces in XML and follow xmldsig-core and XAdES schemas. Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110833 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 12b15be8f4f930a04d8056b9219ac969b42a9784) xmlsecurity: move XSecParser state into contexts Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111158 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 59df9e70ce1a7ec797b836bda7f9642912febc53) xmlsecurity: move XSecParser Reference state into contexts Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111159 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit cfeb89a758b5f0ec406f0d72444e52ed2f47b85e) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111907 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit ad5930e87e788780a255523f106deb1dde5d7b37) Change-Id: I03537b51bb757ecbfa63a826b38de543c70ba032
* expand out some namespace aliases [xmlsecurity/source/helper]Noel Grandin2021-10-194-123/+107
| | | | | | | | | | | | | | | | | | | | | | Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94093 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk> (cherry picked from commit 943fbfad668da76f7d0ebd4f4d8cdd67224d2f01) plus one line in xsecverify.cxx from: commit f59d9e7ea09482c2e9e5f52a8d0445e4cebc3df5 Author: Noel Grandin <noel.grandin@collabora.co.uk> AuthorDate: Fri Apr 3 15:53:49 2020 +0200 new loplugin:unusedvariableplus a particularly aggressive checker, which is why it is off by default Change-Id: I5fdb554a1b116824843f35645bc1cea3ca91e0f2 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113052 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
* default to CertificateValidity::INVALIDCaolán McNamara2021-10-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | so if CertGetCertificateChain fails we don't want validity to be css::security::CertificateValidity::VALID which is what the old default of 0 equates to notably commit 1e0bc66d16aee28ce8bd9582ea32178c63841902 Date: Thu Nov 5 16:55:26 2009 +0100 jl137: #103420# better logging turned the nss equivalent of SecurityEnvironment_NssImpl::verifyCertificate from 0 to CertificateValidity::INVALID like this change does Change-Id: I5350dbc22d1b9b378da2976d3b0abd728f1f4c27 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110561 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com> (cherry picked from commit edeb164c1d8ab64116afee4e2140403a362a1358) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113051 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
* do same set error state as ReadAndVerifySignature doesCaolán McNamara2021-10-191-0/+1
| | | | | | | | | | | | | | | this function is nearly exactly the same as ReadAndVerifySignature except it doesn't set error-state on exception during parse Change-Id: Ife881f639a11d3185920ca62cc2cd22812fae36d Reviewed-on: https://gerrit.libreoffice.org/c/core/+/112366 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Miklos Vajna <vmiklos@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/112412 (cherry picked from commit 52a23d595b820cab27d76d0e7c129f2757c762d6) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113050 Tested-by: Michael Stahl <michael.stahl@allotropia.de>
* Silence -Werror=maybe-uninitializedStephan Bergmann2021-10-191-0/+5
| | | | | | | | | | | | | | ...where the members of aRectangle passed into gtv_calc_header_bar_draw_text (and unconditionally used there, see the definition further up in this file) are only set for ROW and COLUMN types. Lets assume that no other types can happen here? (This is part of libreofficekit/Executable_gtktiledviewer.mk, see libreofficekit/README for how to execute it.) Change-Id: I487be241e564127183751758710140ab24941f63 Reviewed-on: https://gerrit.libreoffice.org/84424 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com> (cherry picked from commit 281f3d5c418e50a2858619633ebca290bd626c03)
* ofz#27817 null derefCaolán McNamara2021-10-191-3/+2
| | | | | | | | Change-Id: I16da6f6f78dfd0a4bc17017275a6644d6e4340c8 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106533 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 48d052a9f1bdbd34e1819b45ab83f51b84911702)
* ofz#26676 null derefCaolán McNamara2021-10-191-1/+8
| | | | | | | | Change-Id: Ic2bd8b49762266ad48263bd68a143b46fb5fd66f Reviewed-on: https://gerrit.libreoffice.org/c/core/+/104863 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 9bf58fd45814f10ecf6131aeeec86123a383723f)
* ofz#26480 validate WW8PLCFpcd is sorted like WW8PLCF doesCaolán McNamara2021-10-192-13/+30
| | | | | | | | Change-Id: I11393c730986585aeea229ebeec6417e4a0578d9 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/104510 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 7f55db80c6fe42c162bbf51404e638a66b6ae9ab)
* ofz#26122 allow NINSIZE input full elementsCaolán McNamara2021-10-191-7/+9
| | | | | | | | Change-Id: Ifbde8fc055a91e23db08508a34ce4664d2f1f96f Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103906 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit fb0c3f9d8964f8c0f40238559c32d9d73cba6b55)
* ofz#25989 cmap parsingCaolán McNamara2021-10-191-1/+1
| | | | | | | | Change-Id: I048e5d88d5926a4afa75afab18db5ca6354e2454 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103641 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 9a1202edab0cfe95572f12a8c49ef756ead49bf2)
* ofz#20622 oomCaolán McNamara2021-10-191-1/+2
| | | | | | | | Change-Id: Id77d90197e98d29787a40966f248dd769c9dac28 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90175 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 1e95c2c17a49349caba1e62b4de3752c5f767f01)
* ofz#20517 null-dereferenceCaolán McNamara2021-10-192-1/+3
| | | | | | | | Change-Id: I443869f848925911ed46e2f547f0dc652b1ff290 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/88214 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 08695569fd4fccc1722e7e3c7e0a234699199196)
* ofz#20447 Null-dereference READCaolán McNamara2021-10-191-0/+2
| | | | | | | | | Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87802 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit fec7e3422f4d1c5b9382518a11d0bb99b12e41c9) Change-Id: I76c1c815ab5aaf4548c886a69989fcabe3de5248
* ofz#20366 OOMCaolán McNamara2021-10-191-1/+9
| | | | | | | | Change-Id: If658720502739e6ad88c3cf73ac6674e0313a48b Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87648 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 090cf1e3bbe0ffaf56f22b152b73578483be2f42)
* ofz#20456 Null-dereference READCaolán McNamara2021-10-191-2/+3
| | | | | | | | | | this is the first honggfuzz (honggfuzz_asan_libreoffice) report I've seen to date Change-Id: Iac733aa63c7c94d9454b9c8596340dc2286393c0 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87803 Tested-by: Jenkins Reviewed-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 0754e581b0d8569dd08cf26f88678754f249face)
* nss: fix parallel build race in nsinstall.pyMichael Stahl2021-10-192-8/+12
| | | | | | | | | | | | | | | | | | | | File "/home/tdf/lode/jenkins/workspace/android_aarch64/external/nss/nsinstall.py", line 112, in nsinstall os.makedirs(args[0]) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/os.py", line 223, in makedirs mkdir(name, mode) FileExistsError: [Errno 17] File exists: '../../../../dist/public/dbm' ../../../coreconf/rules.mk:119: recipe for target '../../../../dist/public/dbm/d' failed Change-Id: I4273e6d3d5fa520353fff8738823ef281fe237ed Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109619 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 6f5186a94dcd1989cdd819e35163af0542912559) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109587 Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit 01fffa977e28b2a671f195daa3a1aaa4cbe3b258) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109765 Tested-by: Michael Stahl <michael.stahl@allotropia.de>
* external/liblangtag: Avoid null pointer deref in lt_warning callStephan Bergmann2021-10-192-0/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recent GCC 10 trunk warns (when LO is configured with --enable-optimized): > In file included from lt-script-db.c:24: > lt-script-db.c: In function ‘lt_script_db_parse.constprop’: > lt-messages.h:105:2: error: ‘%s’ directive argument is null [-Werror=format-overflow=] > 105 | lt_message_printf(LT_MSG_WARNING, \ > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > 106 | LT_MSG_FLAG_NONE, \ > | ~~~~~~~~~~~~~~~~~~~ > 107 | 0, \ > | ~~~~~~ > 108 | __VA_ARGS__) > | ~~~~~~~~~~~~ > lt-script-db.c:137:4: note: in expansion of macro ‘lt_warning’ > 137 | lt_warning("No subtag node: description = '%s'", > | ^~~~~~~~~~ > lt-script-db.c:137:47: note: format string is defined here > 137 | lt_warning("No subtag node: description = '%s'", > | ^~ Change-Id: I2924f7aab84f4f2640f277ee5c2689753627ae78 Reviewed-on: https://gerrit.libreoffice.org/83869 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com> (cherry picked from commit 047e8ae5d189f030d565b13f97a4d6a45b00e6be) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105557 Tested-by: Michael Stahl <michael.stahl@cib.de> Reviewed-by: Michael Stahl <michael.stahl@cib.de>
* openssl_headers depends on generated opensslconf.hStephan Bergmann2021-10-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | ...at workdir/UnpackedTarball/openssl/include/openssl/opensslconf.h, as can be seen with failed builds like <https://ci.libreoffice.org//job/lo_tb_master_mac/35209>: [...] > [build PAT] openssl > [build C ] UnpackedTarball/mariadb-connector-c/plugins/auth/caching_sha2_pw.c > [build C ] UnpackedTarball/mariadb-connector-c/libmariadb/secure/openssl_crypt.c > [build DEP] LNK:Library/libclucene.dylib > [build LNK] Library/libclucene.dylib > In file included from /Users/tdf/lode/jenkins/workspace/lo_tb_master_mac/workdir/UnpackedTarball/mariadb-connector-c/libmariadb/secure/openssl_crypt.c:21: > /Users/tdf/lode/jenkins/workspace/lo_tb_master_mac/workdir/UnpackedTarball/openssl/include/openssl/evp.h:13:11: fatal error: 'openssl/opensslconf.h' file not found > # include <openssl/opensslconf.h> > ^~~~~~~~~~~~~~~~~~~~~~~ > 1 error generated. Change-Id: Ied1dcdd0afb6099e9218671c6a06c0edaafc931e Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108928 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com> (cherry picked from commit 0f7008e91f45cf8e3cee6f372ce012b38a795e26)
* openssl: add patch for CVE-2021-3712Michael Stahl2021-10-192-0/+57
| | | | | | | Change-Id: I4061cbac18ddf9c7f932a27bf2b54a2b1c2f9d99 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/121029 Tested-by: Michael Stahl <michael.stahl@allotropia.de> Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
* curl: upgrade to release 7.78.0Michael Stahl2021-10-199-35/+17
| | | | | | | | | | | | | | | | | | | | | | | | | * Fixes CVE-2020-8284 CVE-2021-22924 * Also fixes these which don't look relevant to LO: CVE-2020-8231 CVE-2020-8285 CVE-2020-8286 CVE-2021-22876 CVE-2021-22890 CVE-2021-22897 CVE-2021-22898 CVE-2021-22901 CVE-2021-22922 CVE-2021-22923 CVE-2021-22925 CVE-2021-22926 * disable some new protocols and dependencies * remove curl-ios.patch.1 as the code no longer exists upstream Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119313 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit 946f457c885bd10ff1a7281c351f3981f035f5a7) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119262 Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> (cherry picked from commit 020eb3b363a5c9444c97075a2e15b63ccbe7bf2d) Change-Id: I12d5f87f4d503a5f9859226a05cfe2a07e46d993 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119427 Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de> Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
* Bump version to 6.2-32cp-6.2-32Andras Timar2021-07-061-1/+1
| | | | Change-Id: I7ad32f1ec00bc81f81a17b9f7397a1e40a91bf87
* lok: sc: unit test for non existent tab view data fixDennis Francis2021-07-051-0/+43
| | | | | | | Change-Id: I7c0ea95118448a49288ff70c8e7bcddc379df5ca Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118319 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
* lok: sc: avoid crash on non existent tab view dataDennis Francis2021-07-054-9/+26
| | | | | | | | | ... when accessing position helpers. Change-Id: Ia627a8c4ed30ad1f1c2333df00b656fe041f111e Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118318 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
* fix potential use-after-free in SwClipboardChangeListenerNoel Grandin2021-07-021-0/+2
| | | | | | | | | | | | we think we're seeing this in COOL Change-Id: I29a287b032158076a99a836d98113d1623ebef99 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118277 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk> (cherry picked from commit 558dface96fbc5f487b16cfa1bf3c3ea20776331) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118263 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
* Bump version to 6.2-31cp-6.2-31Andras Timar2021-06-151-1/+1
| | | | Change-Id: Ia7a4feff6e45f6ce3d592672a3f2bbbce1c93058
* Implemented Delete key deletes the table when all the cells are selectedmerttumer2021-06-151-8/+22
| | | | | | | | | Change-Id: I8a17c73781a3399b214d5655b83036652933a90a Signed-off-by: merttumer <mert.tumer@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115689 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/117191 Reviewed-by: Andras Timar <andras.timar@collabora.com>
* Fix Row size change is not updatedmerttumer2021-06-151-1/+6
| | | | | | | | | | | | | Row size is not taken into account when there is a change Only if column size/position changes, it starts updating Change-Id: I99f3aa9fe0e7f3428234062a2520ca8a61984067 Signed-off-by: merttumer <mert.tumer@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114130 Reviewed-by: Jan Holesovsky <kendy@collabora.com> Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/117190 Reviewed-by: Andras Timar <andras.timar@collabora.com>
* Implemented CTRL + A selects all the cellsmerttumer2021-06-155-1/+43
| | | | | | | | | | | | | | | | When the table is selected, ctrl + a should select all the cells unless text editing is enabled. The previous behavior was deselecting the table and marking all the objects. However, for table it should select all the cells instead. Change-Id: I9fb512618a61a96ff21daa74c5a4ae9b31e3906e Signed-off-by: merttumer <mert.tumer@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114129 Reviewed-by: Jan Holesovsky <kendy@collabora.com> Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/117189 Reviewed-by: Andras Timar <andras.timar@collabora.com>
* Fix ESC key selects all the cells of the table objectmerttumer2021-06-151-7/+0
| | | | | | | | | | | | | | | | | Selecting the table should not necessarily mean selecting all the cells. If all the cells are selected which ESC key does the same thing, it is impossible to delete the table with the delete key, only after an input following by an ESC deleselects them and deleting becomes possible. Change-Id: I33f182d330f1cbc411d47b86098a4aea544a90ae Signed-off-by: merttumer <mert.tumer@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114128 Reviewed-by: Jan Holesovsky <kendy@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/117188 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-by: Andras Timar <andras.timar@collabora.com>
* vcl: check mpWindowImpl before referencing itGabriel Masei2021-06-093-26/+42
| | | | | | | | | | | | | | | | Fixed some cases generating crashes because mpWindowImpl was not checked for nullptr. Conflicts: vcl/source/window/toolbox.cxx Change-Id: I5540f9f21a870b02655b5bf2afdbf3a8153c1519 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116330 Tested-by: Jenkins Reviewed-by: Jan Holesovsky <kendy@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116774 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-by: Gabriel Masei <gabriel.masei@1and1.ro> Reviewed-by: Dennis Francis <dennis.francis@collabora.com>
* upgrade to Expat 2.4.1Caolán McNamara2021-05-262-2/+16
| | | | | | | drop ubsan patch in favour of fix applied as https://github.com/libexpat/libexpat/pull/398 Change-Id: I59eb9e24206b9a4cf323b7f7d48d8df0792a1c46
* libxml2: upgrade to release 2.9.12Michael Stahl2021-05-263-6/+6
| | | | | | | | | | | | | | Fixes: CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVE-2021-3541 * external/libxml2/ubsan.patch.0: remove, fixed upstream Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115913 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> (cherry picked from commit bf0c6a98ae38cd2188d7f7e94f1563e5ce6a8ce4) Change-Id: I347dc854b862e78bde87d3e57cf5fdb584ca5673
* lok: don't use focus window to request helpSzymon Kłos2021-04-293-3/+4
| | | | | | | | | | | | | | Use clicked button instead - what leads to the correct window. If only focused window was taken into account sometimes it caused incorrect help link to be used. Change-Id: I645dc1ffa6a6d6d363ea5f9874fa830c441516c7 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107882 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-by: Szymon Kłos <szymon.klos@collabora.com> (cherry picked from commit 70f2fc7a10f41204e353bd3487377983a1018b53) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114728 Reviewed-by: Andras Timar <andras.timar@collabora.com>
* vcl: lok: don't use window impl after destroyAshod Nakashian2021-04-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When destroying floating windows, accessing the GetLOKNotifier can segfault. The following is the stack-trace from such a case. /usr/bin/loolforkit(_ZN7SigUtil13dumpBacktraceEv+0x5e)[0x55cbf9da62fe] /usr/bin/loolforkit(+0x1d0af5)[0x55cbf9da6af5] /lib/x86_64-linux-gnu/libpthread.so.0(+0x128a0)[0x7fe0a125f8a0] /opt/collaboraoffice6.4/program/libmergedlo.so(_ZNK3vcl6Window14GetLOKNotifierEv+0x7)[0x7fe09e67b827] /opt/collaboraoffice6.4/program/libmergedlo.so(_ZN3vcl6Window24GetParentWithLOKNotifierEv+0x2b)[0x7fe09e67b86b] /opt/collaboraoffice6.4/program/libmergedlo.so(_ZN14FloatingWindow12StateChangedE16StateChangedType+0x43)[0x7fe09e609a13] /opt/collaboraoffice6.4/program/libmergedlo.so(_ZN3vcl6Window4ShowEb9ShowFlags+0x2ba)[0x7fe09e67cd5a] /opt/collaboraoffice6.4/program/libmergedlo.so(_Z21ImplDestroyHelpWindowR14ImplSVHelpDatab+0xe3)[0x7fe09e90c193] /opt/collaboraoffice6.4/program/libmergedlo.so(_ZN9Scheduler21ProcessTaskSchedulingEv+0x8ea)[0x7fe09e93817a] /opt/collaboraoffice6.4/program/libmergedlo.so(_ZN14SvpSalInstance12CheckTimeoutEb+0x107)[0x7fe09ea06807] /opt/collaboraoffice6.4/program/libmergedlo.so(_ZN14SvpSalInstance7DoYieldEbb+0x85)[0x7fe09ea06905] /opt/collaboraoffice6.4/program/libmergedlo.so(+0x2f5d6fb)[0x7fe09e94f6fb] /opt/collaboraoffice6.4/program/libmergedlo.so(_ZN11Application7ExecuteEv+0x45)[0x7fe09e950295] /opt/collaboraoffice6.4/program/libmergedlo.so(+0x1f6d545)[0x7fe09d95f545] /opt/collaboraoffice6.4/program/libmergedlo.so(_Z10ImplSVMainv+0x51)[0x7fe09e957321] /opt/collaboraoffice6.4/program/libmergedlo.so(soffice_main+0x98)[0x7fe09d980b88] /opt/collaboraoffice6.4/program/libmergedlo.so(+0x1f9e7c1)[0x7fe09d9907c1] /usr/bin/loolforkit(_Z10lokit_mainRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES6_S6_S6_S6_bbbbm+0x2562)[0x55cbf9d4c792] /usr/bin/loolforkit(+0x15fc77)[0x55cbf9d35c77] /usr/bin/loolforkit(_Z18forkLibreOfficeKitRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES6_S6_S6_i+0xb44)[0x55cbf9d36b24] /usr/bin/loolforkit(main+0x18a7)[0x55cbf9d00e17] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xe7)[0x7fe0a0e7db97] /usr/bin/loolforkit(_start+0x2a)[0x55cbf9d07efa] Change-Id: Ia467d51896d1ac657bde5ae2803fcb2557ebd3fe Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105445 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-by: Michael Meeks <michael.meeks@collabora.com> (cherry picked from commit 5a3837034960327743154887732c4cae04cfc971) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114727 Reviewed-by: Andras Timar <andras.timar@collabora.com>
* Better handling of filelocsStephan Bergmann2021-04-271-0/+1
| | | | | | | | | | Change-Id: Ic9c06cb476942ceb7d0166f22103e2e88cc9c21f Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114339 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com> (cherry picked from commit 177dcfec4e833f83f1f11c7bdbfc6f1977ebcee7) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114355 Reviewed-by: Caolán McNamara <caolanm@redhat.com>
* tdf#128538: Open filesystem directories in Finder after allco-6.2-30Stephan Bergmann2021-04-161-3/+10
| | | | | | | | | | | | | | | | | Where option "-R" means, according to the open(1) man page: "Reveals the file(s) in the Finder instead of opening them." This appears to always reveal in Finder, even for *.app "application directories", so should not affect CVE-2019-9847.) Change-Id: I775db7bf71c09adc6570931a977b82dfee8dc95a Reviewed-on: https://gerrit.libreoffice.org/82749 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com> (cherry picked from commit 1ff1466b055890b2ca0ff3a47262bc048ad78542) Reviewed-on: https://gerrit.libreoffice.org/82756 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114213 Reviewed-by: Tor Lillqvist <tml@collabora.com> Tested-by: Tor Lillqvist <tml@collabora.com>
* Accept macOS SDK 11.1Tor Lillqvist2021-04-161-3/+9
| | | | | | | Change-Id: I8bd48e8c1908b27d6e90fffb3f712762a982b575 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114210 Tested-by: Tor Lillqvist <tml@collabora.com> Reviewed-by: Tor Lillqvist <tml@collabora.com>
* Bump version to 6.2-30Andras Timar2021-04-161-1/+1
| | | | Change-Id: I0d2a4d6b7d8fa311bd5bd4ebc86124caa77d5ccb