[Desktop-packages] [Bug 2100975] Re: CVE-2025-1080

Thu, 06 Mar 2025 22:26:45 -0800 

** Patch added: "libreoffice_24.2.7-0ubuntu0.24.04.3.diff"
   
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2100975/+attachment/5862818/+files/libreoffice_24.2.7-0ubuntu0.24.04.3.diff

** Changed in: libreoffice (Ubuntu Oracular)
       Status: New => In Progress

** Changed in: libreoffice (Ubuntu Jammy)
       Status: New => In Progress

** Changed in: libreoffice (Ubuntu Focal)
       Status: New => In Progress

** Changed in: libreoffice (Ubuntu Noble)
       Status: New => In Progress

** Changed in: libreoffice (Ubuntu Noble)
   Importance: Undecided => Medium

** Changed in: libreoffice (Ubuntu Jammy)
     Assignee: (unassigned) => Rico Tzschichholz (ricotz)

** Changed in: libreoffice (Ubuntu Noble)
     Assignee: (unassigned) => Rico Tzschichholz (ricotz)

** Changed in: libreoffice (Ubuntu Jammy)
   Importance: Undecided => Medium

** Changed in: libreoffice (Ubuntu Focal)
   Importance: Undecided => Medium

** Changed in: libreoffice (Ubuntu Focal)
     Assignee: (unassigned) => Rico Tzschichholz (ricotz)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/2100975

Title:
  CVE-2025-1080

Status in libreoffice package in Ubuntu:
  Fix Released
Status in libreoffice source package in Focal:
  In Progress
Status in libreoffice source package in Jammy:
  In Progress
Status in libreoffice source package in Noble:
  In Progress
Status in libreoffice source package in Oracular:
  In Progress
Status in libreoffice source package in Plucky:
  Fix Released

Bug description:
  CVE-2025-1080: Macro URL arbitrary script execution

  https://www.libreoffice.org/about-
  us/security/advisories/cve-2025-1080/

  https://gerrit.libreoffice.org/c/core/+/180970

  https://ubuntu.com/security/CVE-2025-1080

  * Oracular 24.10: Fix is included in 24.8.5 SRU
    - https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2098640
  * Noble 24.04: Backport of patch to 24.2.7 required
    - 
https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/noble-24.2
  * Jammy 22.04: Backport of patch to 7.3.7 required
    - 
https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/jammy-7.3
  * Focal 20.04: Backport of patch to 6.4.7 required
    - 
https://git.launchpad.net/~libreoffice/ubuntu/+source/libreoffice/log/?h=wip/focal-6.4

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2100975/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to