** Changed in: libreoffice (Ubuntu Focal)
Assignee: (unassigned) => Rico Tzschichholz (ricotz)
** Changed in: libreoffice (Ubuntu Jammy)
Assignee: (unassigned) => Rico Tzschichholz (ricotz)
** Changed in: libreoffice (Ubuntu Noble)
Assignee: (unassigned) => Rico Tzschichholz (ricotz)
** Changed in: libreoffice (Ubuntu Noble)
Status: New => In Progress
** Changed in: libreoffice (Ubuntu Jammy)
Status: New => In Progress
** Changed in: libreoffice (Ubuntu Focal)
Status: New => In Progress
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/2109955
Title:
CVE-2025-2866
Status in libreoffice package in Ubuntu:
Fix Released
Status in libreoffice source package in Focal:
In Progress
Status in libreoffice source package in Jammy:
In Progress
Status in libreoffice source package in Noble:
In Progress
Status in libreoffice source package in Oracular:
In Progress
Status in libreoffice source package in Plucky:
Fix Released
Status in libreoffice source package in Questing:
Fix Released
Bug description:
CVE-2025-2866: PDF signature forgery with adbe.pkcs7.sha1 SubFilter
https://www.libreoffice.org/about-
us/security/advisories/cve-2025-2866/
https://gerrit.libreoffice.org/c/core/+/183059
https://ubuntu.com/security/CVE-2025-2866
* Oracular 24.10: Fix is included in 24.8.6 SRU
- https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2098640
- no-change rebuild for security pocket required
* Noble 24.04: Backport of patch to 24.2.7 required
- ...
* Jammy 22.04: Backport of patch to 7.3.7 required
- ...
* Focal 20.04: Backport of patch to 6.4.7 required
- ...
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2109955/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
