| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2022-1097 and moz#1767590 "memory safety violations"
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/135234
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Signed-off-by: Xisco Fauli <xiscofauli@libreoffice.org>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/135248
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit bb5216e345c42be440bce60b127af517c036c8ef)
Change-Id: I6895f066ad943402231b616dae0d7ed6f5678b5e
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2022-27774 CVE-2022-27775 CVE-2022-27776 CVE-2022-27781
plus 6 more CVEs that shouldn't affect LO.
Remove obsolete configure-eval-fix.patch.0.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134225
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 58a3bf5199818e30ef4207213f29692d81b519c6)
upgrade to curl-7.81.0
Change-Id: I0a34239bfb16bf19e25bf374c7f36c4cdf1776c1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128783
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 40a84af1bdd7b3c414a8a78ca32b0951c03f9976)
Change-Id: Ifbd7ff5acf390df1d95d6b8be0dc7751e4753bbe
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/134246
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit f668663d63d5b0f37d4727b54585c3b67ab92162)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
includes:
CVE-2021-22945: clear the leftovers pointer when sending succeeds
CVE-2021-22946: do not ignore --ssl-reqd
CVE-2021-22947: reject STARTTLS server response pipelining
Change-Id: I0047bdaa7e6e3aed1317eb014d2051a4d5ac5964
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123883
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit a08d1dc4ee904428ef6f78208cc2508d3fc3717b)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2022-29824.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/133813
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit f670422a01e7336ba8a554331f3781ec7f5c4e8c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/133831
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit e2104950ccd738cde5865ace63af5b3501df7362)
Change-Id: I31d6ec794b01dee0bb17022ef2e18d2acd8255df
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2018-25032
external/zlib/ubsan.patch: remove, fixed upstream
Change-Id: I2aa9a9008b9cf7efd970c5fff0df7029204204f8
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132358
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit bfb6c4c65781a610d21409d974227d73f264f41a)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132191
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit b91ebecaaa1582a7cbeda519eb6097a6a866135f)
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2022-23308
Change-Id: I1b3bf5cf58d7d1f39c224b0d898176c95107fbf5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130241
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit d50a7151431335d1431bccef000ae39f84bdf135)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130259
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2022-25235
CVE-2022-25236
CVE-2022-25313
CVE-2022-25314
CVE-2022-25315
Change-Id: I1cb0449411fe938fe47ab47cead685fd04e137dd
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130157
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2021-30560
Change-Id: I334662ddc40955780321133be9aee23858e04dc1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130023
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit d74fbedd96c9563e1f6bb245dc7e136b30bc5e84)
|
|
|
|
|
|
|
|
| |
Change-Id: I1f2694abd9f577e0b4fedbf27118b52be8a1a688
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129072
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 8b537d5b40c617c29cf7ca19e63ab882525cf3aa)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
...using Java 1.4 java.util.logging.Logger instead also for the last remaining
uses in reportbuilder.
(The mention in swext/mediawiki/src/THIRDPARTYLICENSEREADME.html was presumably
a leftover from 4b6ceed4a4a9b152905a8b1712ffb9bd61373c16 "swext: Wiki Publisher
does not use those apache-commons libraries".)
Change-Id: Ia0bc598fe5844ced11cae497548ec7d09453a99d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113939
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127198
Tested-by: Gabor Kelemen <kelemeng@ubuntu.com>
Reviewed-by: Gabor Kelemen <kelemeng@ubuntu.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
CVE-2021-43527 Memory corruption via DER-encoded DSA and RSA-PSS signatures
Includes: nss: upgrade to release 3.71
* external/nss/nss.getopt.patch.0: fixed upstream
* external/nss/nss-win-arm64.patch: fixed upstream
* external/nss/nss_macosx.patch: one hunk was fixed upstream
Conflicts:
download.lst
Change-Id: I5c3f169c57fc2763029b07ad7e325b2f53b7e28f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/126218
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit c8e21d246bcb4289cb25c82be440cd07b7418436)
(cherry picked from commit c99f4359a2901bde5d6cfb623a47f99ba2d5e18a)
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2021-23222.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/125308
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 71b9369f1cc40143108e3f2189d96e402895e315)
Change-Id: I4e16fcc60c634382a864f66b211d0e0170a06db0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The changelogs tend to mention "crash in malformed files" a lot.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/125034
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 03bc0f97205593547ddf1fc8d4fb396479bcab6d)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124973
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 22beb8f80985ea73e2c98d14480e53da81673c67)
Change-Id: Iadc1d9cc23abd09a8fff58ba0cb7a7803236a542
|
|
|
|
|
|
|
|
|
| |
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/122485
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 8cecaa622700cecb5b5776bd3e5360ac6cc3dd63)
Change-Id: I4e86b163a9abef88f26c6c0ae91ae0a4008658f1
|
|
|
|
|
|
|
|
|
| |
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/118868
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 7707339a7d10225ff2503a852f68427519ae26f6)
Change-Id: I2bfd5f806281e747702d423b7e59b5f88a7bea9c
|
|
|
|
|
|
|
|
|
| |
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115444
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit de16265f55ff2e4e1beb574fcb5b7b894df234f9)
Change-Id: I38c85fb3e30ffd1f7fc0a11948fc01338f7bb205
|
|
|
|
|
|
|
|
| |
Change-Id: I93b9a32a82098a7b45e899ef29349c48276aa724
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113067
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit d56414fddd0796e63d2d3ae63260de7c6952dc70)
|
|
|
|
|
|
|
|
|
|
|
| |
Allows dropping 5 upstreamed patches.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109195
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 229ee7c0ff5a69f09d6ac87dd585a11a8aacdcab)
Change-Id: I5f77502c5a2d11288b060956e69fd7767f52ab97
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2020-36230 and CVE-2020-36229 in libldap, plus lots of
other CVEs that affect only the server.
Unfortunately it looks like NSS support was removed in release 2.5.0.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124914
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 9393325c1db9fa25037d208607b71adb567a8bbc)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124860
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit b7c670984e4af1c73fa05731ca8029cec487bd52)
Change-Id: Ie43d7da1b9e92b5712f9cd22c4613648394c696f
|
|
|
|
|
|
|
|
|
| |
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109840
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit f341a9da2eb63ea40ccc5a17d7c9dc557682469f)
Change-Id: Ibc59469b74d54a2b307ea708ea5c4a752532f0b0
|
|
|
|
|
|
|
|
| |
Change-Id: Idc7ed6bbcd3298138fb92c81ddf7dd6278d201dc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/92472
Tested-by: Jenkins
Reviewed-by: David Tardon <dtardon@redhat.com>
(cherry picked from commit 56c4444638c0ebb21711b02d1ff235a3ffd3f232)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2019-12900
Change-Id: If3fcfff78a61c60014ba6d96f1ee0c432ccc52a1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124758
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 1289125532a029dc80e4ee3d0a49dca253f51888)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124762
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 7208197a4ac718411fa6e3b4c770fdec8c67557d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fixes CVE-2020-8284 CVE-2021-22924
* Also fixes these which don't look relevant to LO:
CVE-2020-8231
CVE-2020-8285 CVE-2020-8286
CVE-2021-22876 CVE-2021-22890
CVE-2021-22897 CVE-2021-22898 CVE-2021-22901
CVE-2021-22922 CVE-2021-22923 CVE-2021-22925 CVE-2021-22926
* disable some new protocols and dependencies
* remove curl-ios.patch.1 as the code no longer exists upstream
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119313
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 946f457c885bd10ff1a7281c351f3981f035f5a7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119262
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 020eb3b363a5c9444c97075a2e15b63ccbe7bf2d)
Change-Id: I12d5f87f4d503a5f9859226a05cfe2a07e46d993
|
|
|
|
|
|
|
|
|
|
|
| |
drop ubsan patch in favour of fix applied as
https://github.com/libexpat/libexpat/pull/398
Change-Id: I59eb9e24206b9a4cf323b7f7d48d8df0792a1c46
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116102
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 740d12d8a8294d4bfd28e6c3e4cf1e0ed560b198)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVE-2021-3541
* external/libxml2/ubsan.patch.0: remove, fixed upstream
Change-Id: I347dc854b862e78bde87d3e57cf5fdb584ca5673
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115913
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit bf0c6a98ae38cd2188d7f7e94f1563e5ce6a8ce4)
|
|
|
|
|
|
|
|
| |
Fixes CVE-2021-3177 plus these less important ones:
CVE-2021-23336 CVE-2020-27619 CVE-2020-14422 CVE-2020-26116
CVE-2019-20907 CVE-2020-8492 CVE-2019-18348
Change-Id: I8e83395bd3e871eb2ed030a03827b7d261c96049
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2020-25694, plus a bunch more CVE that don't look relevant.
* --with-krb5 no longer exists, neither does --disable-shared
* remove internal-zlib.patch.1:
zlib is only used by pg_* tools / contrib/pgcrypto
* remove postgresql-libs-leak.patch:
some relic from pre-gbuild times, not clear what the point is for
static libs
* remove postgresql-9.2.1-libreoffice.patch:
another dmake .mk file relic, and the win32 nmake build system was
removed
* add postgres-msvc-build.patch.1 to fix Cygwin perl and openssl
* on WNT, libpq.dll is now built, no longer static lib
postgresql: fix mistake in RepositoryExternal.mk
Change-Id: Ic0232a28801b2f604d9f4e33d5621ae3362defaa
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109640
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 234833f7823a1424b62c93e145f0cfe2c6b6efd5)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109698
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 1362bf7fa2957d34a7cef18dd95ede22cc42787f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
external: update pdfium to 4203
(cherry picked from commit 4488be8a9279be0bd0aebd476589a49d2b95da6e)
Update one mention of pdfium-4137.tar.bz2
...left behind by 4488be8a9279be0bd0aebd476589a49d2b95da6e "external: update
pdfium to 4203"
(cherry picked from commit ba4b3d5f7a0fe8d0d985e98897e041d59093d8b0)
external: update pdfium to 4260
(cherry picked from commit f19381e46930bb496e7331754843920933fb4be2)
external: update pdfium to 4306
(cherry picked from commit fe531957e3dcd42927cf15ab31d04473433d81f9)
Conflicts:
include/vcl/pdf/PDFAnnotationSubType.hxx
Change-Id: Ic10cf99fa412f8f0b3475e82d0a1839a7f04bd08
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105913
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit b4f50e78e9cd391964128bd0d1446d4dca110cef)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107063
Tested-by: Michael Stahl <michael.stahl@cib.de>
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2020-27778, CVE-2020-35702
and changelogs mention lots of fuzzing fixes.
Change-Id: Ib07bdee726905e74afc13a01bbbd53f218121744
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108912
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 48e8b32a9b66722bbb28fc15840b3706a461aeb7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108904
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit fb185106492f5aabac6ab57ae90cd81d51480093)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108949
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a combination of 6 commits, which brings pdfium to the same
version as libreoffice-7-0.
This is the 1st commit message:
external: update pdfium to 4021
(cherry picked from commit 1cb70721ba00dd6c6958f0a10e39aa5c1866ec96)
This is the commit message #2:
external/pdfium: C++20 comparison operator fix
Missing const leads to overload resolution ambiguity when a synthesized
candidate of operator == for a reversed-argument rewrite conflicts with the
actual operator ==, due to the asymmetric const-ness of the implicit object
parameter and the RHS parameter:
> In file included from workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.cpp:7:
> In file included from workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.h:11:
> llvm/inst/include/c++/v1/vector:1369:27: error: use of overloaded operator '!=' is ambiguous (with operand types 'std::__1::__vector_base<unsigned char, FxAllocAllocator<unsigned char> >::allocator_type' (aka 'FxAllocAllocator<unsigned char>') and 'std::__1::__vector_base<unsigned char, FxAllocAllocator<unsigned char> >::allocator_type')
> if (__base::__alloc() != __c.__alloc())
> ~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~
> llvm/inst/include/c++/v1/vector:1359:5: note: in instantiation of member function 'std::__1::vector<unsigned char, FxAllocAllocator<unsigned char> >::__move_assign' requested here
> __move_assign(__x, integral_constant<bool,
> ^
> workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.cpp:384:24: note: in instantiation of member function 'std::__1::vector<unsigned char, FxAllocAllocator<unsigned char> >::operator=' requested here
> m_FontDataAllocation = std::vector<uint8_t, FxAllocAllocator<uint8_t>>(
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:74:8: note: candidate function
> bool operator!=(const FxAllocAllocator& that) { return false; }
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:73:8: note: candidate function
> bool operator==(const FxAllocAllocator& that) { return true; }
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:73:8: note: candidate function (with reversed parameter order)
(cherry picked from commit 6e0461d576d9f386e458f98f3c57f0ba385aacb4)
This is the commit message #3:
pdfium: don't patch out the COMPONENT_BUILD check, define it
So next time we update, no need to adapt a failing patch.
(cherry picked from commit 9b4ab9bda41a818832c721933986c9c6e07a6e6c)
This is the commit message #4:
make update_pch also consider files in <module>/src/**/inc
With --enable-pch=full there's not much difference between a "public"
header in <module>/inc and a private one in <module>/src/somewhere/inc .
And since the script searches recursively, this apparently helps to
find even more headers for lower pch levels.
[ Just the pdfium part. ]
(cherry picked from commit 69e0d871ec1de2260f9213d3113464155eac173c)
Change-Id: I8483d0aa5b4fea5a59107c20a8aa5f1ef694af0a
This is the commit message #5:
external: update pdfium to 4083
(cherry picked from commit 9054c36d4ea3bee25fb9a47a96a0ea2cd07148c3)
This is the commit message #6:
external: update pdfium to 4137
(cherry picked from commit 1ffe59ef31186e36ad0aa7bbcdd32e407ee8d26c)
Change-Id: Ib7c12461e04fa97bf55ee967e8d6c9bcf92fdf4a
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102373
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2020-6829, CVE-2020-12400 CVE-2020-12401 CVE-2020-12403.
(also CVE-2020-12402 CVE-2020-12399 in older releases since 3.47)
* external/nss/nss.nspr-parallel-win-debug_build.patch:
remove, merged upstream
Change-Id: I8b48e25ce68a2327cde1420abdaea8f9e51a7888
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100345
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 495a5944a3d442cfe748a3bb0dcef76f6a961d30)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100420
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit 227d30a3a17f2fffb1a166cdc3e2a796bb335214)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100590
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since NSS 3.53, the Makefile based build should be fixed (upstream
bug 290526). The only missing patch is a minimal NSPR fix for the
"NSPR, configure + make, parallel, Windows, MS VS, debug" build.
That patch isn't incuded in the NSPR 4.25 release (but it's already
in the mercurial repo for NSPR 4.26).
Change-Id: I8eaa3792a12bdff734e56ac3f552991478957e23
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/95218
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de>
(cherry picked from commit b56e8d6def26a0430853835e997f1be841840a61)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100419
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit c1bce55faebd9ad8751d7b6b9a7f77dff7b3d507)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100589
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2020-8169, and about 3 other ones that don't affect LO/libcmis.
Disable new optional dependencies "ngtcp2" and "quiche".
Change-Id: I595ed909c4e792ac3244643511a338b117e7f102
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97406
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit cb0c7e26e5708010b1fe941ae2f66134f31ed876)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97386
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2018-3081 CVE-2020-2574 CVE-2020-2752 CVE-2020-2922 CVE-2020-13249
Remove obsolete patches:
* mariadb-msvc.patch.1
* mariadb-swap.patch
* mariadb-inline.patch.1
* mariadb-CONC-104.patch.1
Don't build anything from plugins/ in the hope that it's not needed.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96466
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit fe041bbc343ee08c6e901f63985d55a90da71c8b)
mariadb: forgot to adapt flatpak-manifest.in
mariadb: the "pvio_socket" plugin turns out to be important
... otherwise can't connect to a TCP socket.
(regression from fe041bbc343ee08c6e901f63985d55a90da71c8b)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96536
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 82a1650683df7d5c1769dfd68a26a4d071f1a546)
Change-Id: I1c8633866b7108a8bb22dae0e0dd5f4a44bf5150
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96519
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: If7abe97a6b8b9a5c8738db9bce1aec7bf1507ba5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93095
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 835b86437446a81541ab6923f7776a0a71c44ab9)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93540
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I89ac10b243ac0babbe0d1bf24a7e0f732fe5a495
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/92755
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
(cherry picked from commit 11ef83aa64af7e366cd56856853a7b332a69d105)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/92767
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2020-8315; this only affects Windows 7 and is a regression in
Python 3.6.
Change-Id: Ic1706e064a1b03ca1de6361794ed4586a89821d9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90916
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 74c811da0dedb205976eae69d8589fd91bbaefa2)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90824
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CPython commit f40d4ddff3c800b3c956a5e8820aabe3aa87cddd "Closes #27979:
Remove bundled copy of libffi" causes a bit of a problem because it
turns out that libffi isn't all that stable; there's libffi.so.5 on
CentOS 6, libffi.so.6 on CentOS 7 and libffi.so.7 on
lo_daily_update_gandalf tinderbox.
So we have to bundle it in LO; it's only used on GNU/Linux currently.
CPython commit 32119e10b792ad7ee4e5f951a2d89ddbaf111cc5 "bpo-35947:
Update Windows to the current version of libffi (GH-11797)" also removes
the libffi for MSVC, so in a future python upgrade we will have to build
libffi for MSVC too.
The libffi fork for MacOSX is still in CPython git master.
(regression from b10be5d48433076f0b7238d818020f708553e114)
Change-Id: Ibc20cf8cd3614cf9941b6970662bd930496776b2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86493
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 79084665f0e351a3f83fdee88071919f05ec9cc3)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86500
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* external/python3/python-3.3.3-aix.patch.1:
most of it doesn't apply and AIX port isn't maintained anyway so
remove it for now
* external/python3/ubsan.patch.0:
apparently one of the files was removed
* 0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1:
fixed upstream
* python3-osx-avoid-new-10.13.patch.1:
replace with simply passing ac_cv_func_utimensat=no to configure
* external/python3/python-3.5.4-ssl.patch.1:
project files to build OpenSSL removed upstream
* There have been changes to how python locates OpenSSL; new variables
OPENSSL_INCLUDES etc; it turns out that you have to pass one directory
to --with-openssl, as the variables cannot be passed
* libuuid.so.1 is a new dependency of the _uuid module
* libffi.so.6 is a new dependency of the _ctypes module (the bundled
copy of libffi for non-Darwin platforms was removed)
* python-3.3.0-pythreadstate.patch.1:
the PyThreadState functions have been changed such that
CppunitTest_services asserts when there is a PyThreadAttach on top of
PyThreadDetach on top of PyThreadAttach, i.e., 2 PyThreadState per
thread (PyGILState_Check() fails). Instead of patching in additional
workarounds, change PyThreadAttach so that it re-uses an existing
PyThreadState if one exists for the thread.
Change-Id: I24c19d79b43a30709261fd9db66312b2e3872fd9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/84765
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit b10be5d48433076f0b7238d818020f708553e114)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86398
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2019-11745.
Remove nss.fix-freebl-add-lcc-support.patch.1, fixed upstream.
Change-Id: I72e35c90fabb0a83f547a787dbaee774e35f9c08
Reviewed-on: https://gerrit.libreoffice.org/83673
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit a6238c3fba80889f9090d997e2a4979b78b34ac7)
Reviewed-on: https://gerrit.libreoffice.org/83738
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2019-18197.
Remove obsolete e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1.
Change-Id: I95cf498e245083528f98bfef8cdd240bbe2211b9
Reviewed-on: https://gerrit.libreoffice.org/83312
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit e9ea24cc004a8b9a5856f2f268bd40433c504db1)
Reviewed-on: https://gerrit.libreoffice.org/83377
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes CVE-2019-9903 CVE-2019-9631 CVE-2019-9545 CVE-2019-9543
CVE-2019-14494 CVE-2019-12293 CVE-2019-11026 CVE-2019-10873
CVE-2019-10872 CVE-2019-10871 CVE-2019-10018
remove obsolete 0001-ImageStream-getLine-fix-crash-on-broken-files.patch.1
Change-Id: I72b3bf89b294ed3e24157c7e75fd58d4f68d9f35
Reviewed-on: https://gerrit.libreoffice.org/83308
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 28e52c49452320ac76489d0f93ca5692456e5331)
Reviewed-on: https://gerrit.libreoffice.org/83335
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
|
|
|
|
|
|
|
|
|
|
| |
... which is, surprisingly enough, required to build the latest libxslt.
Change-Id: Ifbb36ed61b8f68185f9c788f63a8edeb58899f94
Reviewed-on: https://gerrit.libreoffice.org/83311
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit d1bf39a78ed239d4493f0470ca937852265e79d6)
Reviewed-on: https://gerrit.libreoffice.org/83346
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2019-9948 CVE-2019-9740 CVE-2019-10160 CVE-2019-16056
and expat CVE-2019-15903.
python-3.3.5-pyexpat-symbols.patch.1 fails to apply, and it's a
mystery why --with-system-expat is used everywhere but on MacOSX,
where 292af048ace2d4b455b2da3a22c784cb05db1d09 disabled it for no
obvious reason, so try to remove the special case and get rid of the
patch.
Change-Id: I5ba4532eb6e7c2fb90daba95d132dcc7c9013d96
Reviewed-on: https://gerrit.libreoffice.org/83117
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit b0930d56130fdddfe65e92b081a8afad77974076)
Reviewed-on: https://gerrit.libreoffice.org/83187
|
|
|
|
|
|
|
|
|
| |
Also simplify visibility.patch.1.
Change-Id: I8b4ed78b314a1a1f7d31467f782877f056429cc2
Reviewed-on: https://gerrit.libreoffice.org/82548
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
|
|
|
|
|
| |
Change-Id: Iebbf6a2b77951e4e952dd2da42b374c8ec00ad7b
Reviewed-on: https://gerrit.libreoffice.org/81718
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
sberg says: On Windows, implicit --enable-extras first causes a build breaker
in workdir/UnpackedTarball/icu/source/extras/scrptrun when linking, because
Windows link.exe doesn't understand -o. But even with a patch
> --- source/extra/scrptrun/Makefile.in
> +++ source/extra/scrptrun/Makefile.in
> @@ -74,7 +74,7 @@
> && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
>
> $(TARGET) : $(OBJECTS)
> - $(LINK.cc) -o $@ $^ $(LIBS)
> + $(LINK.cc) $(OUTOPT)$@ $^ $(LIBS)
> $(POST_BUILD_STEP)
>
> invoke:
linking would still fail with a missing ../../lib/icuucdd.lib, which is
apparently expanded from $(LIBS) there, but I have no idea where it should be
built but isn't. Lets hope that --disable-extras is sufficient for our needs.
Change-Id: I6d0117b230caa41abf488fcd069028e3474700f8
Reviewed-on: https://gerrit.libreoffice.org/81632
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
As an interim step to upgrade to ICU 65.1
Adds new scripts and Unicode blocks from Unicode 12.
Change-Id: Idc4a6b29ffb04bcb424522fcbd29a8db0428c056
Reviewed-on: https://gerrit.libreoffice.org/81611
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins
|
|
|
|
|
|
|
| |
Change-Id: Idf7cca7b09594fe4452006fe884577725adf0c0e
Reviewed-on: https://gerrit.libreoffice.org/80632
Tested-by: Jenkins
Reviewed-by: Kohei Yoshida <kohei@libreoffice.org>
|
|
|
|
|
|
|
|
| |
Change-Id: Ideb980a07632e75e2bc7fffa851b8419e727c13b
Reviewed-on: https://gerrit.libreoffice.org/80340
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|