Fix CVE-2019-9854

https://usn.ubuntu.com/4138-1/
Mikhail Novosyolov 2019-10-10 00:59:11 +03:00
parent d1ceeebec9
commit 7da4723be9
2 changed files with 36 additions and 1 deletions

CVE-2019-9854.patch Normal file

@ -0,0 +1,34 @@
Description: - an absolute uri is invalid input
- improve check for absolute URI
Authors: - Caolán McNamara <caolanm@redhat.com>
- Stephan Bergmann <sbergman@redhat.com>
diff --git a/scripting/source/pyprov/pythonscript.py b/scripting/source/pyprov/pythonscript.py
index 316c5012c..c46565949 100644
--- a/scripting/source/pyprov/pythonscript.py
+++ b/scripting/source/pyprov/pythonscript.py
@@ -237,6 +237,11 @@ class MyUriHelper:
log.debug( message )
raise RuntimeException( message )
+ if not xFileUri.hasRelativePath():
+ message = "pythonscript: an absolute uri is invalid '" + sFileUri+ "'"
+ log.debug( message )
+ raise RuntimeException( message )
+
# absolute path to the .py file
xAbsScriptUri = self.m_uriRefFac.makeAbsolute(xBaseUri, xFileUri, True, RETAIN)
sAbsScriptUri = xAbsScriptUri.getUriReference()
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index a508aea86..3ec10565b 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -1371,7 +1371,7 @@ bool SfxObjectShell::UnTrustedScript(const OUString& rScriptURL)
do
{
OUString aToken = sScript.getToken(0, '/', nIndex);
- if (aToken.startsWithIgnoreAsciiCase("LibreLogo"))
+ if (aToken.startsWithIgnoreAsciiCase("LibreLogo") || aToken.indexOf('~') != -1)
{
return true;
}
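Review bot: The new `hasRelativePath()` guard in pythonscript.py rejects absolute references, but a relative reference may still carry `..` segments, and the `makeAbsolute(xBaseUri, xFileUri, True, RETAIN)` call right after it passes `RETAIN`, which (if it is the excess-parent-segments policy) keeps them. The hunk ends before any check on the resolved value is visible, so confirm that `sAbsScriptUri` is verified to lie under the base URI before it is used. If no such check exists, add one on the resolved string, along the lines of `if not sAbsScriptUri.startswith(xBaseUri.getUriReference() + "/"): raise RuntimeException(message)`. Validating the final assembled URI rather than its inputs is the more robust control. The enclosing MyUriHelper method starts and ends outside the hunk.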


@ -42,7 +42,7 @@ Summary: Office suite
Name: libreoffice Name: libreoffice
Epoch: 1 Epoch: 1
Version: 6.0.7 Version: 6.0.7
Release: 4 Release: 8
License: (MPLv1.1 or LGPLv3+) and LGPLv3 and LGPLv2+ and BSD and (MPLv1.1 or GPLv2 or LGPLv2 or Netscape) and Public Domain and ASL 2.0 and Artistic License: (MPLv1.1 or LGPLv3+) and LGPLv3 and LGPLv2+ and BSD and (MPLv1.1 or GPLv2 or LGPLv2 or Netscape) and Public Domain and ASL 2.0 and Artistic
Group: Office Group: Office
Url: http://www.libreoffice.org Url: http://www.libreoffice.org
@ -101,6 +101,7 @@ Patch105: libreoffice-5.4.3.1-breeze-fallback-theme.patch
Patch110: CVE-2019-9848.patch Patch110: CVE-2019-9848.patch
Patch111: CVE-2019-9849.patch Patch111: CVE-2019-9849.patch
Patch112: CVE-2019-9850_1_2.patch Patch112: CVE-2019-9850_1_2.patch
Patch113: CVE-2019-9854.patch
BuildRequires: bison BuildRequires: bison
BuildRequires: bsh BuildRequires: bsh