Andras Timar [Wed, 9 Feb 2022 10:59:50 +0000 (9 11:59 +0100)]
Need adding NSS_DISABLE_AVX2 for old vs2015 windows builds
Change-Id: Ib84092b3b3f7c0a304c79baa8b2549ee74f05cf8
Andras Timar [Tue, 8 Feb 2022 11:12:38 +0000 (8 12:12 +0100)]
Bump product version to 6.1.6.3.M17
Change-Id: Iffddff60e743f0eb3a21aaddc1bd5bc097dc04ae
Caolán McNamara [Sun, 30 Jan 2022 19:28:23 +0000 (30 19:28 +0000)]
upgrade to expat 2.4.4
Change-Id: Ie141268793dc4332d8c253bec4e986894682c7a6
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/129179
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Caolán McNamara [Mon, 20 Dec 2021 17:05:44 +0000 (20 17:05 +0000)]
only use X509Data
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127193
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit be446d81e07b5499152efeca6ca23034e51ea5ff)
Change-Id: I52e6588f5fac04bb26d77c1f3af470db73e41f72
Michael Stahl [Tue, 19 Oct 2021 13:17:39 +0000 (19 15:17 +0200)]
nss: upgrade to release 3.73
Fixes:
CVE-2021-43527 Memory corruption via DER-encoded DSA and RSA-PSS signatures
Includes: nss: upgrade to release 3.71
* external/nss/nss.getopt.patch.0: fixed upstream
* external/nss/nss-win-arm64.patch: fixed upstream
* external/nss/nss_macosx.patch: one hunk was fixed upstream
Conflicts:
download.lst
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/126218
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit c8e21d246bcb4289cb25c82be440cd07b7418436)
Change-Id: I5c3f169c57fc2763029b07ad7e325b2f53b7e28f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/126235
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Michael Stahl [Fri, 26 Feb 2021 16:29:37 +0000 (26 17:29 +0100)]
xmlsecurity: add tests for multiple X509Data/X509Certificate
Change-Id: If50ae8156f81c1053aa8fbfc3148da64bb8e1442
Michael Stahl [Fri, 26 Feb 2021 16:24:10 +0000 (26 17:24 +0100)]
xmlsecurity: add test for timestamps
Change-Id: I6ce64ca7c59639684779144ed0ed8d36c4aca32b
Caolán McNamara [Wed, 7 Aug 2019 11:58:01 +0000 (7 12:58 +0100)]
expand pyuno path separators
Change-Id: Ic97649ed6d4be595b308922c7bdc880cbb60b239
Reviewed-on: https://gerrit.libreoffice.org/77102
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 75903a0298218f89a199a5ac151ee0166f4469d7)
Reviewed-on: https://gerrit.libreoffice.org/77115
Caolán McNamara [Sat, 4 Aug 2018 14:30:46 +0000 (4 15:30 +0100)]
crashtesting: bubble surface creation failure notification upwards
e.g. on converting moz858095-2.svg to odg
Change-Id: I1a222f1745cff9c4cb225f6c0c216072fb17b4f7
Reviewed-on: https://gerrit.libreoffice.org/58587
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
Andras Timar [Thu, 9 Sep 2021 11:41:58 +0000 (9 13:41 +0200)]
Bump product version to 6.1.6.3.M16
Change-Id: I5abcf1b57b3e9a03a30d75f881a3a439697dbe94
Michael Stahl [Wed, 25 Aug 2021 09:32:11 +0000 (25 11:32 +0200)]
openssl: add patch for CVE-2021-3712
Change-Id: I4061cbac18ddf9c7f932a27bf2b54a2b1c2f9d99
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/121029
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Michael Stahl [Wed, 21 Jul 2021 09:57:51 +0000 (21 11:57 +0200)]
curl: upgrade to release 7.78.0
* Fixes CVE-2020-8284 CVE-2021-22924
* Also fixes these which don't look relevant to LO:
CVE-2020-8231
CVE-2020-8285 CVE-2020-8286
CVE-2021-22876 CVE-2021-22890
CVE-2021-22897 CVE-2021-22898 CVE-2021-22901
CVE-2021-22922 CVE-2021-22923 CVE-2021-22925 CVE-2021-22926
* disable some new protocols and dependencies
* remove curl-ios.patch.1 as the code no longer exists upstream
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119313
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 946f457c885bd10ff1a7281c351f3981f035f5a7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119262
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 020eb3b363a5c9444c97075a2e15b63ccbe7bf2d)
Change-Id: I12d5f87f4d503a5f9859226a05cfe2a07e46d993
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119427
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Caolán McNamara [Tue, 25 May 2021 09:44:13 +0000 (25 10:44 +0100)]
upgrade to Expat 2.4.1
drop ubsan patch in favour of fix applied as
https://github.com/libexpat/libexpat/pull/398
Change-Id: I59eb9e24206b9a4cf323b7f7d48d8df0792a1c46
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116102
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 740d12d8a8294d4bfd28e6c3e4cf1e0ed560b198)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119426
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Michael Stahl [Fri, 21 May 2021 11:33:26 +0000 (21 13:33 +0200)]
libxml2: upgrade to release 2.9.12
Fixes:
CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537 CVE-2021-3541
* external/libxml2/ubsan.patch.0: remove, fixed upstream
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115913
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit bf0c6a98ae38cd2188d7f7e94f1563e5ce6a8ce4)
Change-Id: I347dc854b862e78bde87d3e57cf5fdb584ca5673
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115935
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Juergen Funk [Wed, 5 Sep 2018 13:36:23 +0000 (5 15:36 +0200)]
Improve the Windows SDK 10 ProductVersion-Path
At the moment the ProductVersion-Path always has the same format;
with this patch, when the format is the same, no change is needed for
the next version.
Change-Id: I6a52fd20751ba139dd5ed6e3802f29c5e8f02975
Reviewed-on: https://gerrit.libreoffice.org/60041
Tested-by: Jenkins
Reviewed-by: Juergen Funk (CIB) <juergen.funk_ml@cib.de>
Michael Stahl [Thu, 3 Dec 2020 16:42:18 +0000 (3 17:42 +0100)]
pdfium: MSVC 2015 build
Andras Timar [Wed, 5 May 2021 11:07:13 +0000 (5 13:07 +0200)]
Bump product version to 6.1.6.3.M15
Change-Id: Ifb0ffe2bb5ec92136710cdd37dc56873fe50b6a9
Andras Timar [Wed, 18 Apr 2018 14:19:00 +0000 (18 07:19 -0700)]
[cp] HACK: sleep before sign
On Windows, with 16x parallel build, build-nocheck target fails,
because it tries to sign a file that is already in use (gengal).
Change-Id: Ic582334f2c02f5e38f49d048fc0425025ffeee41
Reviewed-on: https://gerrit.libreoffice.org/75235
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Andras Timar [Thu, 11 Feb 2021 07:27:23 +0000 (11 08:27 +0100)]
try to use a different timestamp service
Change-Id: I0fdbe2871d74836d530a69532bf22c17f642c922
Luboš Luňák [Thu, 29 Apr 2021 18:10:34 +0000 (29 20:10 +0200)]
allow utf-8 in xml names (liborcus) (tdf#141672)
Change-Id: Ib150d55b588a572e4352396f18de2331983b2aae
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/114892
Tested-by: Jenkins
Reviewed-by: Luboš Luňák <l.lunak@collabora.com>
Thorsten Behrens [Tue, 13 Apr 2021 11:56:36 +0000 (13 13:56 +0200)]
Fixup xmlsecurity test
Change-Id: I616867dbf79a85671d04bd31fac5cb592b5beaaf
Michael Stahl [Wed, 7 Apr 2021 15:00:43 +0000 (7 17:00 +0200)]
xmlsec: fix signing documents on WNT
Duplicate ds:X509Certificate elements cause:
warn:xmlsecurity.comp:9604:3820:xmlsecurity/source/helper/xmlsignaturehelper.cxx:658: X509Data do not form a chain: certificate in cycle:
(regression from 5af5ea893bcb8a8eb472ac11133da10e5a604e66)
Change-Id: I3d319a2f74dbec17b73f1c7bb8f4efe4e335f0ac
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113746
Tested-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit ae08aa8a095832ae2a88eac14f9680ac8d3a13b6)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113752
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 0ab3a264ba8d732cffa42a069c9aa50dab44e99f)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113754
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Michael Stahl [Tue, 30 Mar 2021 15:37:31 +0000 (30 17:37 +0200)]
xmlsecurity: replace OOXMLSecParser implementation
This is similar to 12b15be8f4f930a04d8056b9219ac969b42a9784 and following
commits, but OOXMLSecParser has some differences to XSecParser, such as
using a ds:Manifest, and requires a couple extra namespaces.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113381
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit cc1d19f7bbaefa5fb22ebd1344112755068b93c9)
Change-Id: I56e39d9609db8fcad50ca1632ff482c1f0a30ff5
Miklos Vajna [Wed, 31 Mar 2021 11:58:28 +0000 (31 13:58 +0200)]
xmlsecurity nss: fix OOXML signing with ECDSA key
Reviewed-on: https://gerrit.libreoffice.org/54779
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit 6b1b8ef51b752f9711d6581283d6c515d3c50d9b)
Change-Id: Id2b59887fcd69e294a6d9db17ec0446615054ecc
Miklos Vajna [Tue, 19 Jun 2018 17:50:02 +0000 (19 19:50 +0200)]
Also fix the generated test certs + generator script to avoid expired
certs for a while (.db files generated with Firefox 57.0).
Reviewed-on: https://gerrit.libreoffice.org/56123
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit 71198fe7d9539859883b6226738fbea52a08a5c4)
Change-Id: I30e1b13454cc45ead7605d076e8e24984ae186c1
Michael Stahl [Thu, 25 Feb 2021 13:17:48 +0000 (25 14:17 +0100)]
xmlsecurity: improve handling of multiple X509Data elements
Combine everything related to a certificate in a new struct X509Data.
The CertDigest is not actually written in the X509Data element but in
xades:Cert, so try to find the matching entry in
XSecController::setX509CertDigest().
There was a confusing interaction with PGP signatures, where ouGpgKeyID
was used for import, but export wrote the value from ouCertDigest
instead - this needed fixing.
The main point of this is enforcing a constraint from xmldsig-core 4.5.4:
All certificates appearing in an X509Data element MUST relate to the
validation key by either containing it or being part of a certification
chain that terminates in a certificate containing the validation key.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111254
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 9e82509b09f5fe2eb77bcdb8fd193c71923abb67)
xmlsecurity: improve handling of multiple certificates per X509Data
It turns out that an X509Data element can contain an arbitrary number of
each of its child elements.
How exactly certificates of an issuer chain may or should be distributed
across multiple X509Data elements isn't terribly obvious.
One thing that is clear is that any element that refers to or contains
one particular certificate has to be a child of the same X509Data
element, although in no particular order, so try to match the 2 such
elements that the parser supports in XSecController::setX509Data().
Presumably the only way it makes sense to have multiple signing
certificates is if they all contain the same key but are signed by
different CAs. This case isn't handled currently; CheckX509Data() will
complain there's not a single chain and validation of the certificates
will fail.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111500
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 5af5ea893bcb8a8eb472ac11133da10e5a604e66)
xmlsecurity: add EqualDistinguishedNames()
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111545
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 1d3da3486d827dd5e7a3bf1c7a533f5aa9860e42)
xmlsecurity: avoid exception in DigitalSignaturesDialog::getCertificate()
Fallback to PGP if there's no X509 signing certificate because
CheckX509Data() failed prevents the dialog from popping up.
To avoid confusing the user in this situation, the dialog should
show no certificate, which is already the case.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111664
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 90b725675c2964f4a151d802d9afedd8bc2ae1a7)
xmlsecurity: fix crash in DocumentDigitalSignatures::isAuthorTrusted()
If the argument is null.
This function also should use EqualDistinguishedNames().
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111667
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit ca98e505cd69bf95d8ddb9387cf3f8e03ae4577d)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111910
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit a1cf770c2d7ca3e153e0b1f01ddcc313bc2bed7f)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/113058
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Change-Id: I9633a980b0c18d58dfce24fc59396a833498a77d
Miklos Vajna [Mon, 4 Jun 2018 19:25:38 +0000 (4 21:25 +0200)]
libxmlsec: drop not needed xmlsec1-customkeymanage.patch.1
This was added in commit ebd1b95bb5f9235d1dba1b840fd746c9b53320d2
(INTEGRATION: CWS xmlsec08 (1.1.2); FILE ADDED; 2005-03-10) without any
real commit message to explain why this is necessary.
system-xmlsec (not containing this patch) works fine for our XML signing
purposes with software certificates, and just recently I learned that
even hardware-based certificates work fine without this patch, so it can
go away.
I assume this was a refactor to allow some new feature as a next step,
but that feature was never implemented.
[ Committer's note: this xmlsec1-customkeymanage.patch.1 breaks the test
SigningTest::testXAdESNotype():
In xmlSecNssKeyDataX509VerifyAndExtractKey(), code is added to extract
the *private* key of the certificate; upstream only extracts the
public key.
Later this causes a key requirement check in xmlSecKeysMngrGetKey() to
succeed which would otherwise fail, and the certificate to remain
uncleared.
Then xmlSecKeyInfoNodeWrite() writes the certificate into the KeyInfo
element, where it was previously read from, so it is duplicated and
LO's CheckX509Data() fails because of 2 signing certificates. ]
Reviewed-on: https://gerrit.libreoffice.org/55296
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit f06004c03bbd076767a570180b7fc239064713e6)
Change-Id: I31639230483cd34b14b35fd41b4fcd8284476138
Michael Stahl [Wed, 24 Mar 2021 16:21:53 +0000 (24 17:21 +0100)]
clang-format ooxmlsecexporter.cxx
Change-Id: I3faa33c98ec56197a1528f443c3850c70e171c4b
Michael Stahl [Fri, 19 Feb 2021 16:56:21 +0000 (19 17:56 +0100)]
xmlsecurity: ignore elements in ds:Object that aren't signed
Change-Id: I2e4411f0907b89e7ad6e0185cee8f12b600515e8
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111253
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 2bfa00e6bf4b2a310a8b8f5060acec85b5f7a3ce)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111909
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 94ce59dd02fcfcaa1eb4f195b45a9a2edbd58242)
Michael Stahl [Thu, 18 Feb 2021 18:22:31 +0000 (18 19:22 +0100)]
xmlsecurity: XSecParser confused about multiple timestamps
LO writes timestamp both to dc:date and xades:SigningTime elements.
The parser tries to avoid reading multiple dc:date, preferring the first
one, but doesn't care about multiple xades:SigningTime, for undocumented
reasons.
Ideally something should check all read values for consistency.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111160
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 4ab8d9c09a5873ca0aea56dafa1ab34758d52ef7)
xmlsecurity: remove XSecController::setPropertyId()
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111252
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit d2a345e1163616fe3201ef1d6c758e2e819214e0)
Change-Id: Ic018ee89797a1c8a4f870ae102af48006de930ef
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111908
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit abe77c4fcb9ea97d9fff07eaea6d8863bcba5b02)
Michael Stahl [Wed, 24 Mar 2021 15:36:31 +0000 (24 16:36 +0100)]
xmlsecurity: replace XSecParser implementation
Implement Namespaces in XML and follow xmldsig-core and XAdES schemas.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110833
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 12b15be8f4f930a04d8056b9219ac969b42a9784)
xmlsecurity: move XSecParser state into contexts
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111158
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit 59df9e70ce1a7ec797b836bda7f9642912febc53)
xmlsecurity: move XSecParser Reference state into contexts
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111159
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit cfeb89a758b5f0ec406f0d72444e52ed2f47b85e)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111907
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit ad5930e87e788780a255523f106deb1dde5d7b37)
Change-Id: I03537b51bb757ecbfa63a826b38de543c70ba032
Noel Grandin [Tue, 12 May 2020 14:17:25 +0000 (12 16:17 +0200)]
expand out some namespace aliases [xmlsecurity/source/helper]
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94093
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
(cherry picked from commit 943fbfad668da76f7d0ebd4f4d8cdd67224d2f01)
plus one line in xsecverify.cxx from:
commit f59d9e7ea09482c2e9e5f52a8d0445e4cebc3df5
Author: Noel Grandin <noel.grandin@collabora.co.uk>
AuthorDate: Fri Apr 3 15:53:49 2020 +0200
new loplugin:unusedvariableplus
a particularly aggressive checker, which is why it is off by default
Change-Id: I5fdb554a1b116824843f35645bc1cea3ca91e0f2
Stephan Bergmann [Thu, 8 Nov 2018 20:39:16 +0000 (8 21:39 +0100)]
css::security::DocumentSignatureInformation::SignatureTime is 32 bit
...and has always represented the time of day in 100th of seconds. When
tools::Time had been changed to 64 bit nanoseconds in 9830fd36dbdb72c79703b0c61efc027fba793c5a
"date/time IDL datatypes incompatible change", conversion between the two has apparently been forgotten, so that
CppunitTest_desktop_lib under (new-in-Clang)
-fsanitize=implicit-signed-integer-truncation failed with
> xmlsecurity/source/component/documentdigitalsignatures.cxx:536:38: runtime error: implicit conversion from type 'sal_Int64' (aka 'long') of value 192536379741069 (64-bit, signed) to type '::sal_Int32' (aka 'int') changed the value to 1585795981 (32-bit, signed)
> #0 in DocumentDigitalSignatures::ImplVerifySignatures(com::sun::star::uno::Reference<com::sun::star::embed::XStorage> const&, com::sun::star::uno::Reference<com::sun::star::io::XInputStream> const&, DocumentSignatureMode) at xmlsecurity/source/component/documentdigitalsignatures.cxx:536:38 (instdir/program/libxmlsecurity.so +0x488319)
> #1 in DocumentDigitalSignatures::verifyDocumentContentSignatures(com::sun::star::uno::Reference<com::sun::star::embed::XStorage> const&, com::sun::star::uno::Reference<com::sun::star::io::XInputStream> const&) at xmlsecurity/source/component/documentdigitalsignatures.cxx:296:12 (instdir/program/libxmlsecurity.so +0x484ea6)
> #2 in non-virtual thunk to DocumentDigitalSignatures::verifyDocumentContentSignatures(com::sun::star::uno::Reference<com::sun::star::embed::XStorage> const&, com::sun::star::uno::Reference<com::sun::star::io::XInputStream> const&) at xmlsecurity/source/component/documentdigitalsignatures.cxx (instdir/program/libxmlsecurity.so +0x4890fa)
> #3 in SfxObjectShell::ImplAnalyzeSignature(bool, com::sun::star::uno::Reference<com::sun::star::security::XDocumentDigitalSignatures> const&) at sfx2/source/doc/objserv.cxx:1368:47 (instdir/program/libsfxlo.so +0x3866a04)
> #4 in SfxObjectShell::ImplGetSignatureState(bool) at sfx2/source/doc/objserv.cxx:1397:74 (instdir/program/libsfxlo.so +0x3869118)
> #5 in SfxObjectShell::GetDocumentSignatureState() at sfx2/source/doc/objserv.cxx:1575:12 (instdir/program/libsfxlo.so +0x3863e57)
> #6 in SfxObjectShell::CheckForBrokenDocSignatures_Impl() at sfx2/source/doc/objmisc.cxx:974:38 (instdir/program/libsfxlo.so +0x3812535)
> #7 in SfxObjectShell::CheckSecurityOnLoading_Impl() at sfx2/source/doc/objmisc.cxx:924:5 (instdir/program/libsfxlo.so +0x38120bc)
> #8 in SfxObjectShell::FinishedLoading(SfxLoadedFlags) at sfx2/source/doc/objmisc.cxx:1072:9 (instdir/program/libsfxlo.so +0x3818a89)
> #9 in SwDocShell::LoadingFinished() at sw/source/uibase/app/docsh.cxx:1200:5 (instdir/program/libswlo.so +0xcfd4f08)
> #10 in SwDocShell::Load(SfxMedium&) at sw/source/uibase/app/docshini.cxx:582:13 (instdir/program/libswlo.so +0xd091a39)
> #11 in SfxObjectShell::LoadOwnFormat(SfxMedium&) at sfx2/source/doc/objstor.cxx:3053:20 (instdir/program/libsfxlo.so +0x3895e54)
> #12 in SfxObjectShell::DoLoad(SfxMedium*) at sfx2/source/doc/objstor.cxx:725:40 (instdir/program/libsfxlo.so +0x389bdd5)
> #13 in SfxBaseModel::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) at sfx2/source/doc/sfxbasemodel.cxx:1795:36 (instdir/program/libsfxlo.so +0x3a40e1e)
> #14 in (anonymous namespace)::SfxFrameLoader_Impl::load(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&, com::sun::star::uno::Reference<com::sun::star::frame::XFrame> const&) at sfx2/source/view/frmload.cxx:688:28 (instdir/program/libsfxlo.so +0x40c30c0)
> #15 in framework::LoadEnv::impl_loadContent() at framework/source/loadenv/loadenv.cxx:1149:37 (instdir/program/libfwklo.so +0x1520131)
> #16 in framework::LoadEnv::startLoading() at framework/source/loadenv/loadenv.cxx:383:20 (instdir/program/libfwklo.so +0x1510b16)
> #17 in framework::LoadEnv::loadComponentFromURL(com::sun::star::uno::Reference<com::sun::star::frame::XComponentLoader> const&, com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext> const&, rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) at framework/source/loadenv/loadenv.cxx:169:14 (instdir/program/libfwklo.so +0x150c7c8)
> #18 in framework::Desktop::loadComponentFromURL(rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) at framework/source/services/desktop.cxx:619:12 (instdir/program/libfwklo.so +0x166f1ce)
> #19 in non-virtual thunk to framework::Desktop::loadComponentFromURL(rtl::OUString const&, rtl::OUString const&, int, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) at framework/source/services/desktop.cxx (instdir/program/libfwklo.so +0x166f3da)
> #20 in unotest::MacrosTest::loadFromDesktop(rtl::OUString const&, rtl::OUString const&, com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) at unotest/source/cpp/macros_test.cxx:50:60 (workdir/LinkTarget/CppunitTest/../Library/libunotest.so +0x8f176)
> #21 in DesktopLOKTest::loadDoc(char const*, LibreOfficeKitDocumentType) at desktop/qa/desktop_lib/test_desktop_lib.cxx:215:19 (workdir/LinkTarget/CppunitTest/libtest_desktop_lib.so +0xf2ca0)
> #22 in DesktopLOKTest::testGetSignatureState_Signed() at desktop/qa/desktop_lib/test_desktop_lib.cxx:2254:37 (workdir/LinkTarget/CppunitTest/libtest_desktop_lib.so +0x185a42)
[...]
Change-Id: I935f2e37ce6bcb0448f89e75a4f34f78ba54f58d
Reviewed-on: https://gerrit.libreoffice.org/63136
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 015e4266a82ead8135458bd07f01838222521eea)
Miklos Vajna [Mon, 8 Apr 2019 19:37:23 +0000 (8 21:37 +0200)]
tdf#123747 xmlsecurity, ODF sign roundtrip: preserve invalid reference type
Only add the correct type to new signatures to avoid breaking the hash
of old ones.
(cherry picked from commit 8a9d8238bd8f903393ff1184aa37f8973c81e2ba)
Conflicts:
xmlsecurity/qa/unit/signing/signing.cxx
Change-Id: I30f892b292f84a0575a3d4ef5ccf3eddbe0090ca
Reviewed-on: https://gerrit.libreoffice.org/70451
Tested-by: Jenkins
Tested-by: Xisco Faulí <xiscofauli@libreoffice.org>
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
(cherry picked from commit f82e3b03162bff8ecd0409be21744f2c2b2c9144)
Miklos Vajna [Mon, 27 Aug 2018 07:15:16 +0000 (27 09:15 +0200)]
tdf#119309 xmlsecurity xades: missing XML attribute on idSignedProperties ref
The AdES validator at
<https://ec.europa.eu/cefdigital/DSS/webapp-demo/validation> recently
learned to deal with ODF files, this improves its output, so that
"Qualification Signature" section is no longer just a red "N/A" but an
orange "Indeterminate QESig".
Change-Id: I5f47b935f1dbfa4e2eee4654db31403479cb571d
Reviewed-on: https://gerrit.libreoffice.org/59633
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit ea3a5036d23081b6e8eb38a399ff8ef5acd8adc7)
Caolán McNamara [Mon, 8 Feb 2021 17:05:28 +0000 (8 17:05 +0000)]
default to CertificateValidity::INVALID
so if CertGetCertificateChain fails we don't want validity to be
css::security::CertificateValidity::VALID which is what the old default
of 0 equates to
notably
commit 1e0bc66d16aee28ce8bd9582ea32178c63841902
Date: Thu Nov 5 16:55:26 2009 +0100
jl137: #103420# better logging
turned the nss equivalent of SecurityEnvironment_NssImpl::verifyCertificate
from 0 to CertificateValidity::INVALID like this change does
Change-Id: I5350dbc22d1b9b378da2976d3b0abd728f1f4c27
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110561
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit edeb164c1d8ab64116afee4e2140403a362a1358)
Caolán McNamara [Thu, 11 Mar 2021 20:23:31 +0000 (11 20:23 +0000)]
do same set error state as ReadAndVerifySignature does
this function is nearly exactly the same as ReadAndVerifySignature
except it doesn't set error-state on exception during parse
Change-Id: Ife881f639a11d3185920ca62cc2cd22812fae36d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/112366
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/112412
(cherry picked from commit 52a23d595b820cab27d76d0e7c129f2757c762d6)
Stephan Bergmann [Tue, 16 Feb 2021 08:30:09 +0000 (16 09:30 +0100)]
Improve checkExtension
Change-Id: Iff416a9c5930ad5903f7ee51a2abbc94d5f40800
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110970
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Jenkins
(cherry picked from commit f456c4dacf700e064e112ef068ff7edb04239754)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110922
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit f19d95986756412e5d72047656eec17a720c5e57)
Mike Kaganski [Mon, 27 Jan 2020 22:28:24 +0000 (28 01:28 +0300)]
tdf#130216: normalize paths with .. segments
... which obviously are rejected by SHGetFileInfoW and SHParseDisplayName
that it calls internally.
Change-Id: I2f5f3c675ea6aa1c2d92eef30be4399a8d600255
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87565
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Signed-off-by: Xisco Fauli <xiscofauli@libreoffice.org>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87737
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit fc043d38c256243fb782cc48e7708feaeabba4ae)
Michael Stahl [Wed, 17 Feb 2021 11:24:08 +0000 (17 12:24 +0100)]
python3: add patch for CVE-2021-3177
Looks like Python 3.5 is EOL, so backport the patch.
Change-Id: I9ba397b3ed7e5f4ee4f78b144d822ce260ca9fb4
Samuel Mehrbrodt [Mon, 18 Jan 2021 14:24:48 +0000 (18 15:24 +0100)]
Improve macro checks
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109552
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit 1dc71daf7fa7204a98c75dac680af664ab9c8edb)
Change-Id: Ie40801df8866b52c1458e020ffa9cba120720af7
Michael Stahl [Wed, 30 Oct 2019 15:06:02 +0000 (30 16:06 +0100)]
sw: WW8 import: filter control characters in GetFieldResult()
Triggers the assert in SwSubFont::GetTextSize_() on ooo58234-1.doc,
which has a field result with ^G cell separators that is converted to
SwInputField, which inserts the field result into SwTextNode.
Change-Id: Ibdb93390862a11462d62cf744bac912d6009777e
Reviewed-on: https://gerrit.libreoffice.org/81788
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 3a9d504b01c061f60a915b5681c8313859294118)
Michael Stahl [Tue, 12 Nov 2019 17:57:58 +0000 (12 18:57 +0100)]
ofz#18526 sw: WW8 import: don't insert control characters
Sanitize string before calling InsertString().
This segfaults since:
commit b522fc0646915d4da94df38dd249c88b28f25be7
Date: Tue Sep 24 18:11:45 2019 +0200
sw: maintain fieldmarks in DeleteRange()/DeleteAndJoin()/ReplaceRange()
Change-Id: I9ef73d924420686f6838fa21900ec57b4d25c905
Reviewed-on: https://gerrit.libreoffice.org/81949
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 7ecda38cdaa2361e8510bf3e7206863c4936deab)
Reviewed-on: https://gerrit.libreoffice.org/82759
(cherry picked from commit d494a4c0ead7db481757d8d67fbce9e1b02e65df)
Michael Stahl [Thu, 14 Nov 2019 16:37:17 +0000 (14 17:37 +0100)]
sw: WW8 import: instead of control character insert '?' for footnote
SwWW8ImplReader::ReadChar() inserts a U+0002 control character to
temporarily mark a footnote anchor; this is then deleted and replaced
with a real footnote hint by SwWW8ImplReader::End_Footnote().
The assumption is that it is necessary to insert a placeholder
character to be able to apply formatting to it.
But if the document is corrupted, the control character could survive
the import, which sounds less than ideal.
So either make this magic character more explicit by documenting it in
hintids.hxx and removing any outstanding ones at the end of the import,
or use a non-offensive character instead; since this should only affect
invalid documents, choose the solution with the least effort.
Change-Id: I76d396258b32e0f0fb6393942a58a4dc57912211
Reviewed-on: https://gerrit.libreoffice.org/82760
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 13ba765c444713b0b0b2f4b4231bdafcbbef6ad0)
Michael Stahl [Tue, 29 Oct 2019 14:54:41 +0000 (29 15:54 +0100)]
writerfilter: rtftok: filter control characters
... in RTFDocumentImpl::checkUnicode(); see ooo86460-1.xls [sic]
for an example.
There is another caller of text() in rtfdispatchdestination.cxx:311 but
it turns out that buffered text was created by text() in the first
place.
This shouldn't be a problem for DOCX because XML 1.0 doesn't allow the
bad control characters anyway so the sax parser should report an error
in that case.
Reviewed-on: https://gerrit.libreoffice.org/81697
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
Tested-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit a6516c76c01b92f7d35bfb352b63af7de42b5707)
Change-Id: Ice45e1c3c8c7db668a4cfb8364e42addea1777ce
Michael Stahl [Tue, 29 Oct 2019 14:52:34 +0000 (29 15:52 +0100)]
sw: UNO API: do not allow inserting control characters into nodes
Refuse invalid input in DocInsertStringSplitCR().
Reviewed-on: https://gerrit.libreoffice.org/81696
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit
9b1e3e9bfdc0639630a367e45e4bdc2e9f22e503)
Change-Id: I097c1b3a1f70b0cf1fa3fc33fc1d965ee6c96280
Michael Stahl [Mon, 28 Oct 2019 13:31:23 +0000 (28 14:31 +0100)]
svl: HTMLParser: stop inserting control character garbage into Writer
E.g. rhbz433940-1.html contains literal ^G characters that are inserted
as-is into SwTextNodes.
This now triggers assert about CH_TXT_ATR_FIELDSTART in
SwSubFont::GetTextSize_() that was added in
19a559b0ec9b806519c405651d6d2b2e14712b4a.
Change-Id: I6aa7de41a04069e15b40865fd57894dae0fc10db
Reviewed-on: https://gerrit.libreoffice.org/81606
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
Tested-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit
35d248cab1f0d4800f72abb5cb6afb56f40d9083)
Caolán McNamara [Sat, 3 Oct 2020 20:56:19 +0000 (3 21:56 +0100)]
ofz#26122 allow NINSIZE input full elements
Change-Id: Ifbde8fc055a91e23db08508a34ce4664d2f1f96f
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103906
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
fb0c3f9d8964f8c0f40238559c32d9d73cba6b55)
Caolán McNamara [Tue, 29 Sep 2020 19:59:40 +0000 (29 20:59 +0100)]
ofz#25989 cmap parsing
Change-Id: I048e5d88d5926a4afa75afab18db5ca6354e2454
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103641
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
9a1202edab0cfe95572f12a8c49ef756ead49bf2)
Caolán McNamara [Tue, 15 Sep 2020 15:36:17 +0000 (15 16:36 +0100)]
ofz#25684 keep ParseCMAP within legal area
Change-Id: Iee18b5a9390b79efa67414ea2d229d2816c84e18
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102776
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
a014c82522834c972e247a28d8e5f42998ae3c0e)
ofz#25696 OOM
Change-Id: Ia69e9ce1ca0156e960dddb7e0bf98dfd2be2d7cc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102846
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
d57b14e3394b081adf0888ed8dcb7b86d66c246c)
ofz#25774 keep ParseCMAP within legal area
Change-Id: Ic68fadd3d63631cbccda76e7679d95bb89452d25
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103017
Tested-by: Caolán McNamara <caolanm@redhat.com>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
f8474367449a1b6b54918d2753e3a36798761839)
Fix crash from broken font CMAP subtable
ParseCMAP crashes on a broken CMAP subtable of a font used by the
bugdoc of tdf#119074, which returns a negative offset (technically
it's large positive offset turning into a wrong negative integer,
which is still out of bounds of the CMAP overall size - you get
the point). This simply ignores that broken subtable, checking for
other existing ones.
Regressed-by: c7482bc2904401e7d975b5721ec861b8589253f9
Change-Id: I95820fe3bb6bd2fe2e0cf9d4c3536abce31fd497
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103033
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
9bf4c5ac49b73cc2a8c89a87ff87238c061a579d)
Missing include
(for std::max, since
f8474367449a1b6b54918d2753e3a36798761839 "ofz#25774 keep
ParseCMAP within legal area")
Change-Id: I873c788577e9ec3bd54d9e637d2cf86be7c1f6e6
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103089
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit
8cc52b05744443c64cf5eb62ebe3098cd964c437)
ofz#25855 overflow in nTmpOffset
we already know nLength is >= 24 so just move the calc to the other term
Change-Id: Ic52f1686ccf81e6b13d7eb7e74dbd9cb51c8ea01
ofz#25868 Timeout, encoding conversion only sane in 0..SAL_MAX_UINT16 range
so ignore points outside that range to avoid ludicrous ranges that aren't
possible in the input encoding
Change-Id: Ifb7b9b389d4a31b8820a7da661249223fe1e110c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103261
Tested-by: Jenkins
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit
1e41300a9552f90b3d75d5ffadd31ae42a28d249)
Caolán McNamara [Wed, 24 Jul 2019 11:18:10 +0000 (24 12:18 +0100)]
cid#1209863 Untrusted loop bound
Change-Id: Ic8d20e92b4021dfebe01e1265c3afb2bcd509827
Reviewed-on: https://gerrit.libreoffice.org/76259
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
52b92a591943c1988fd3d660bd6fc5ac53ce0f33)
Caolán McNamara [Mon, 22 Jul 2019 08:13:14 +0000 (22 09:13 +0100)]
cid#1209863 Untrusted loop bound
Change-Id: Ie9c3672a065b9df4580559cd927c6b1524edde0e
Reviewed-on: https://gerrit.libreoffice.org/76099
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
a6eaacf66ccc8f83b075b775f4dfa0aace0c3e3a)
Caolán McNamara [Wed, 24 Jul 2019 11:07:57 +0000 (24 12:07 +0100)]
rename search+replaced Getsal_uInt16 result back to GetUShort
Change-Id: Ia6e35d0ca15b0ac2310ad847c6eda6db548b25f6
Reviewed-on: https://gerrit.libreoffice.org/76258
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
63922db083dc70c9b248c9eb34b24382048adf08)
Caolán McNamara [Sun, 18 Oct 2020 19:36:16 +0000 (18 20:36 +0100)]
ofz#26480 validate WW8PLCFpcd is sorted like WW8PLCF does
Change-Id: I11393c730986585aeea229ebeec6417e4a0578d9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/104510
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
7f55db80c6fe42c162bbf51404e638a66b6ae9ab)
Caolán McNamara [Sat, 7 Mar 2020 19:24:42 +0000 (7 19:24 +0000)]
ofz#20622 oom
Change-Id: Id77d90197e98d29787a40966f248dd769c9dac28
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90175
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
1e95c2c17a49349caba1e62b4de3752c5f767f01)
Caolán McNamara [Wed, 23 Sep 2020 11:44:14 +0000 (23 12:44 +0100)]
ofz#25881 use std::vector with bounds checking accessor
Change-Id: Ic557e85bce5f3ebe7224b0aa2192a74969f4fce2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103194
Tested-by: Jenkins
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit
f074ad34d5fbc52f4f8df4eec31ba95ee92f879b)
Caolán McNamara [Sun, 5 Jan 2020 20:37:20 +0000 (5 20:37 +0000)]
ofz#19803 check for negative values
Change-Id: I30036a16cf1651a7e27c7aefa086b3725d58933a
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86250
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
0ab8ae4d98122f7de50365a062675d001ef0ca6a)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86340
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
(cherry picked from commit
a1c678bbb2d6b981b4c9ae346dba85d414c11c47)
Caolán McNamara [Mon, 2 Dec 2019 13:03:48 +0000 (2 13:03 +0000)]
ofz#19207 check max strlen possible
Change-Id: I5fe9fde240ef375d9de097dda47953320ecc758d
Reviewed-on: https://gerrit.libreoffice.org/84253
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
3fa8ee239b9d2455c0d5dcc016ce973b7f6acf8d)
Caolán McNamara [Wed, 20 Nov 2019 09:22:14 +0000 (20 09:22 +0000)]
ofz#19010 wrong start of range
Change-Id: Ibf97a830932d3f153b99031abc8c4a00b54cedab
Reviewed-on: https://gerrit.libreoffice.org/83266
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Tested-by: Jenkins
(cherry picked from commit
a83c4e295cd364bee949d776229f3cf17369d1cf)
Caolán McNamara [Fri, 1 Nov 2019 17:29:56 +0000 (1 17:29 +0000)]
ofz#18646 ensure we are inside valid range
Change-Id: Ide4d4bfad5b365a42790454cca709d175054c933
Reviewed-on: https://gerrit.libreoffice.org/81908
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
dc144f115eb2ef0945837d66fd5ebb1e5a1fa2eb)
Caolán McNamara [Thu, 24 Oct 2019 08:52:44 +0000 (24 09:52 +0100)]
Resolves: ofz#18414 drop apo anchor if it will be deleted
Change-Id: Ic9dc053582055cae717df6244873cee14f6e44c6
Reviewed-on: https://gerrit.libreoffice.org/81433
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
808da2c918e662c19618c9f4035e8c9a802bb887)
Caolán McNamara [Wed, 23 Oct 2019 09:47:30 +0000 (23 10:47 +0100)]
ofz#18467 check against end of buffer
Change-Id: Ibeed87e2e3af90219e7bbbd773d369c90f78a364
Reviewed-on: https://gerrit.libreoffice.org/81371
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
36a1942bccdf63f26ea3a4497688f367083d2f0e)
Stephan Bergmann [Thu, 17 Oct 2019 12:52:16 +0000 (17 14:52 +0200)]
Don't use uninitialized memory when reading from the stream fails
Flathub arm builds (but not other arches) had often (but not always) failed when
processing sc/qa/unit/data/qpro/pass/ofz14090-1.wb2 in
CppunitTest_sc_filters_test (e.g.,
<https://flathub.org/builds/#/builders/1/builds/724>:
> Test name: ScFiltersTest::testCVEs
> equality assertion failed
> - Expected: 1
> - Actual : 0
> - file:///run/build/libreoffice/sc/qa/unit/data/qpro/pass/ofz14090-1.wb2
) Valgrind revealed that this was due to using uninitialized memory when the
various maIn.Read... in QProToSc::Convert failed, starting with the use of
uninitialized nFmla[i] after
maIn.ReadUChar( nFmla[i] );
At least make things deterministic by setting the relevant variables to zero.
(Another approach could be returning early with some ConvErr status.)
Change-Id: I4c06aa8da5f777170cdc7bbe3ca1d61b23d3f326
Reviewed-on: https://gerrit.libreoffice.org/80947
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit
2704b9e3783aae9d8372f2e3ad3253a2cb49ae87)
Caolán McNamara [Sat, 23 Mar 2019 15:24:35 +0000 (23 15:24 +0000)]
ofz#13881 Integer Overflow
Change-Id: I90dc8be47cff080bc4e8242c2ae0961c2bc92aba
Reviewed-on: https://gerrit.libreoffice.org/69588
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
44c63c0ba1eb491a9a2d8842badd1a5fc49376fd)
Caolán McNamara [Thu, 24 Jan 2019 15:52:30 +0000 (24 15:52 +0000)]
ofz#12660 remove flys before removing trailing paras
Change-Id: I6c706e5a2066b4fcd4546a22de0aa6327515a0a8
Reviewed-on: https://gerrit.libreoffice.org/66877
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
9b76295d03ee8d1eb19a62c55ff45804efe40f38)
Caolán McNamara [Mon, 13 Aug 2018 11:55:45 +0000 (13 12:55 +0100)]
ofz#9858 Bad-cast
use a SwUnoCursor for the LastAnchorPos around here
Change-Id: I9b2b18e88aa0816e3386d7b95b4fd386d13af77f
Reviewed-on: https://gerrit.libreoffice.org/58927
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
8e7620584ff81813f97d24192d01830834fece4d)
Michael Stahl [Sun, 1 Nov 2020 14:34:52 +0000 (1 15:34 +0100)]
check-elf-dynamic-objects: allow libgsttag-1.0.so.0
It's linked in Fedora 33 and apparently exists in gst-plugins-base
since 1.0.0.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105140
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit
4ebb3eae7b4abb7ecc37df73c6f80e3fd2069ed7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109766
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit
4138d724ebb9150e053f9fcdfcf47ac621672618)
Change-Id: Ifc5d6a6b06e05ef4e250ac26a8588a242f21a034
Michael Stahl [Tue, 19 Jan 2021 10:28:41 +0000 (19 11:28 +0100)]
nss: fix parallel build race in nsinstall.py
File "/home/tdf/lode/jenkins/workspace/android_aarch64/external/nss/nsinstall.py", line 112, in nsinstall
os.makedirs(args[0])
File "/opt/rh/rh-python38/root/usr/lib64/python3.8/os.py", line 223, in makedirs
mkdir(name, mode)
FileExistsError: [Errno 17] File exists: '../../../../dist/public/dbm'
../../../coreconf/rules.mk:119: recipe for target '../../../../dist/public/dbm/d' failed
Change-Id: I4273e6d3d5fa520353fff8738823ef281fe237ed
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109619
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit
6f5186a94dcd1989cdd819e35163af0542912559)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109587
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit
01fffa977e28b2a671f195daa3a1aaa4cbe3b258)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109765
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit
5b809908b45b3253a1f879069410d7ca30e1cb0a)
Michael Stahl [Tue, 19 Jan 2021 14:38:05 +0000 (19 15:38 +0100)]
postgresql: upgrade to release 13.1
Fixes CVE-2020-25694, plus a bunch more CVE that don't look relevant.
* --with-krb5 no longer exists, neither does --disable-shared
* remove internal-zlib.patch.1:
zlib is only used by pg_* tools / contrib/pgcrypto
* remove postgresql-libs-leak.patch:
some relic from pre-gbuild times, not clear what the point is for
static libs
* remove postgresql-9.2.1-libreoffice.patch:
another dmake .mk file relic, and the win32 nmake build system was
removed
* add postgres-msvc-build.patch.1 to fix Cygwin perl and openssl
* on WNT, libpq.dll is now built, no longer static lib
postgresql: fix mistake in RepositoryExternal.mk
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109640
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit
234833f7823a1424b62c93e145f0cfe2c6b6efd5)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109698
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit
1362bf7fa2957d34a7cef18dd95ede22cc42787f)
Change-Id: Ic0232a28801b2f604d9f4e33d5621ae3362defaa
Stephan Bergmann [Thu, 7 Jan 2021 09:15:51 +0000 (7 10:15 +0100)]
openssl_headers depends on generated opensslconf.h
...at workdir/UnpackedTarball/openssl/include/openssl/opensslconf.h, as can be
seen with failed builds like
<https://ci.libreoffice.org//job/lo_tb_master_mac/35209>:
[...]
> [build PAT] openssl
> [build C ] UnpackedTarball/mariadb-connector-c/plugins/auth/caching_sha2_pw.c
> [build C ] UnpackedTarball/mariadb-connector-c/libmariadb/secure/openssl_crypt.c
> [build DEP] LNK:Library/libclucene.dylib
> [build LNK] Library/libclucene.dylib
> In file included from /Users/tdf/lode/jenkins/workspace/lo_tb_master_mac/workdir/UnpackedTarball/mariadb-connector-c/libmariadb/secure/openssl_crypt.c:21:
> /Users/tdf/lode/jenkins/workspace/lo_tb_master_mac/workdir/UnpackedTarball/openssl/include/openssl/evp.h:13:11: fatal error: 'openssl/opensslconf.h' file not found
> # include <openssl/opensslconf.h>
> ^~~~~~~~~~~~~~~~~~~~~~~
> 1 error generated.
Change-Id: Ied1dcdd0afb6099e9218671c6a06c0edaafc931e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108928
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit
0f7008e91f45cf8e3cee6f372ce012b38a795e26)
Michael Stahl [Wed, 6 Jan 2021 18:30:07 +0000 (6 19:30 +0100)]
poppler: upgrade to release 21.01.0
Fixes CVE-2020-27778, CVE-2020-35702
and changelogs mention lots of fuzzing fixes.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108912
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit
48e8b32a9b66722bbb28fc15840b3706a461aeb7)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108904
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit
fb185106492f5aabac6ab57ae90cd81d51480093)
Change-Id: Ib07bdee726905e74afc13a01bbbd53f218121744
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108956
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Martin Whitaker [Fri, 8 May 2020 19:47:25 +0000 (8 21:47 +0200)]
tdf#131353: Fix build with poppler 0.86.0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93789
Tested-by: René Engelhard <rene@debian.org>
Tested-by: Jenkins
Reviewed-by: Tomáš Chvátal <tchvatal@suse.com>
(cherry picked from commit
b42ab78fb871924896b3cc38a7b2f1257151f711)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/96639
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
(cherry picked from commit
d40f36bf47814c324a1ec467c566255fb187444b)
Change-Id: I89b4635a6a3e3a5522172d6f4c3f14e6c14994b1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108955
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Martin Milata [Wed, 4 Dec 2019 01:37:40 +0000 (4 02:37 +0100)]
Fix build with poppler-0.83
Change-Id: I7a3684932b8f9c403a3368b42fa4d8039c67f1a9
Reviewed-on: https://gerrit.libreoffice.org/84384
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86905
Reviewed-by: Tomáš Chvátal <tchvatal@suse.com>
Tested-by: Tomáš Chvátal <tchvatal@suse.com>
(cherry picked from commit
035830400393e075fca364a444e04c40516730b2)
Michael Stahl [Wed, 6 Jan 2021 16:39:19 +0000 (6 17:39 +0100)]
openssl: add patch to fix CVE-2020-1971
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108884
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
(cherry picked from commit
b4c5bd9b330068e8c550e398cf761457ec9b6aa4)
Change-Id: Ia756f1fa642eeb6dcadc867cc9730732a73c11b4
Miklos Vajna [Wed, 4 Nov 2020 20:39:04 +0000 (4 21:39 +0100)]
xmlsecurity: reject a few dangerous annotation types during pdf sig verify
(cherry picked from commit
f231dacde9df1c4aa5f4e0970535c4f4093364a7)
Conflicts:
xmlsecurity/source/helper/pdfsignaturehelper.cxx
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105926
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
fcab45e0e22f4cf46e71856dba7ae5abd6f99bc5)
Change-Id: I950b49a6e7181639daf27348ddfa0f36586baa65
Miklos Vajna [Tue, 21 Jul 2020 19:25:26 +0000 (21 21:25 +0200)]
external: update pdfium to handle redact annotations
external: update pdfium to 4203
(cherry picked from commit
4488be8a9279be0bd0aebd476589a49d2b95da6e)
Update one mention of pdfium-4137.tar.bz2
...left behind by
4488be8a9279be0bd0aebd476589a49d2b95da6e "external: update
pdfium to 4203"
(cherry picked from commit
ba4b3d5f7a0fe8d0d985e98897e041d59093d8b0)
external: update pdfium to 4260
(cherry picked from commit
f19381e46930bb496e7331754843920933fb4be2)
external: update pdfium to 4306
(cherry picked from commit
fe531957e3dcd42927cf15ab31d04473433d81f9)
Conflicts:
include/vcl/pdf/PDFAnnotationSubType.hxx
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105913
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit
b4f50e78e9cd391964128bd0d1446d4dca110cef)
Change-Id: Ic10cf99fa412f8f0b3475e82d0a1839a7f04bd08
Miklos Vajna [Tue, 14 Jan 2020 20:34:52 +0000 (14 21:34 +0100)]
external: update pdfium from 3963 to 4137
This is a combination of 6 commits, which brings pdfium to the same
version as libreoffice-7-0.
This is the 1st commit message:
external: update pdfium to 4021
(cherry picked from commit
1cb70721ba00dd6c6958f0a10e39aa5c1866ec96)
This is the commit message #2:
external/pdfium: C++20 comparison operator fix
Missing const leads to overload resolution ambiguity when a synthesized
candidate of operator == for a reversed-argument rewrite conflicts with the
actual operator ==, due to the asymmetric const-ness of the implicit object
parameter and the RHS parameter:
> In file included from workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.cpp:7:
> In file included from workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.h:11:
> llvm/inst/include/c++/v1/vector:1369:27: error: use of overloaded operator '!=' is ambiguous (with operand types 'std::__1::__vector_base<unsigned char, FxAllocAllocator<unsigned char> >::allocator_type' (aka 'FxAllocAllocator<unsigned char>') and 'std::__1::__vector_base<unsigned char, FxAllocAllocator<unsigned char> >::allocator_type')
> if (__base::__alloc() != __c.__alloc())
> ~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~
> llvm/inst/include/c++/v1/vector:1359:5: note: in instantiation of member function 'std::__1::vector<unsigned char, FxAllocAllocator<unsigned char> >::__move_assign' requested here
> __move_assign(__x, integral_constant<bool,
> ^
> workdir/UnpackedTarball/pdfium/core/fxge/cfx_font.cpp:384:24: note: in instantiation of member function 'std::__1::vector<unsigned char, FxAllocAllocator<unsigned char> >::operator=' requested here
> m_FontDataAllocation = std::vector<uint8_t, FxAllocAllocator<uint8_t>>(
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:74:8: note: candidate function
> bool operator!=(const FxAllocAllocator& that) { return false; }
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:73:8: note: candidate function
> bool operator==(const FxAllocAllocator& that) { return true; }
> ^
> workdir/UnpackedTarball/pdfium/core/fxcrt/fx_memory_wrappers.h:73:8: note: candidate function (with reversed parameter order)
(cherry picked from commit
6e0461d576d9f386e458f98f3c57f0ba385aacb4)
This is the commit message #3:
pdfium: don't patch out the COMPONENT_BUILD check, define it
So next time we update, no need to adapt a failing patch.
(cherry picked from commit
9b4ab9bda41a818832c721933986c9c6e07a6e6c)
This is the commit message #4:
make update_pch also consider files in <module>/src/**/inc
With --enable-pch=full there's not much difference between a "public"
header in <module>/inc and a private one in <module>/src/somewhere/inc .
And since the script searches recursively, this apparently helps to
find even more headers for lower pch levels.
[ Just the pdfium part. ]
(cherry picked from commit
69e0d871ec1de2260f9213d3113464155eac173c)
This is the commit message #5:
external: update pdfium to 4083
(cherry picked from commit
9054c36d4ea3bee25fb9a47a96a0ea2cd07148c3)
This is the commit message #6:
external: update pdfium to 4137
(cherry picked from commit
1ffe59ef31186e36ad0aa7bbcdd32e407ee8d26c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102373
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
434d611e22c4fe76a11d2de26b9f185bb04e5ad3)
Change-Id: I8483d0aa5b4fea5a59107c20a8aa5f1ef694af0a
b7c12461e04fa97bf55ee967e8d6c9bcf92fdf4a
Miklos Vajna [Tue, 12 Nov 2019 20:21:21 +0000 (12 21:21 +0100)]
external: update pdfium to 3963
Also simplify visibility.patch.1.
Reviewed-on: https://gerrit.libreoffice.org/82548
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit
71cb2705af38df7f382014fb68f43bed98abf9b4)
Change-Id: I8b4ed78b314a1a1f7d31467f782877f056429cc2
Miklos Vajna [Tue, 10 Sep 2019 21:17:35 +0000 (10 23:17 +0200)]
external: update pdfium to 3896
Reviewed-on: https://gerrit.libreoffice.org/78806
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit
735af14843eab3e75ac9ed6f0773ce7bb3241c8a)
Change-Id: I9d47d9afed47e01657b42fbfdb06e7fc91a150c8
Miklos Vajna [Tue, 16 Jul 2019 21:32:31 +0000 (16 23:32 +0200)]
external: update pdfium to 3849
Reviewed-on: https://gerrit.libreoffice.org/75736
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit
0ee0ca3036629b69bf20b448d74991fd133f08ac)
Change-Id: I616f57bd9de72b078500a290bf9ff89c71773f26
Miklos Vajna [Mon, 20 May 2019 19:37:39 +0000 (20 21:37 +0200)]
external: update pdfium to 3794
Reviewed-on: https://gerrit.libreoffice.org/72619
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit
3dbe66b7895a412ad7ad9aede4be383489d805de)
Change-Id: Ie4c42943445813c7c50bf06cb710cedf2a61f3a9
Miklos Vajna [Tue, 2 Apr 2019 19:14:36 +0000 (2 21:14 +0200)]
pdfium: avoid problems with SetForm using WIN32_LEAN_AND_MEAN
So that it does not get defined to SetFormA() or SetFormW() and still
requires no patching.
Change-Id: I4364b02306633733d8536ebd8d7d42273dfeef74
Reviewed-on: https://gerrit.libreoffice.org/70150
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit
66c29fd202f22a36edbb929ddcc1f1cadb0a6e8f)
Miklos Vajna [Tue, 12 Mar 2019 20:19:08 +0000 (12 21:19 +0100)]
external: update pdfium to 3730
Change-Id: Iaaac797812b2addd1e5693dbb4338fc1c506a26d
Reviewed-on: https://gerrit.libreoffice.org/69134
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit
8743247493ba90098e3e32cf30de0e8995569852)
Miklos Vajna [Tue, 15 Jan 2019 20:18:44 +0000 (15 21:18 +0100)]
external: update pdfium to 3667
Reviewed-on: https://gerrit.libreoffice.org/66408
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit
2044475c8cb33b76591aa6de77dd43a0bf9f5145)
Change-Id: Ie4f0cc8f06432e182ce7ffcae5269075d12658ef
Miklos Vajna [Mon, 19 Nov 2018 08:03:40 +0000 (19 09:03 +0100)]
external: update pdfium to 3613
Reviewed-on: https://gerrit.libreoffice.org/63547
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
(cherry picked from commit
ec11c1aee04eacb00d94a6359f959b990ddb6923)
Change-Id: I99bd67f45796eb85635543a5e4563bb7477cf63e
Miklos Vajna [Tue, 18 Sep 2018 19:07:10 +0000 (18 21:07 +0200)]
pdfium: update to 3550
Allows dropping all the backports, so only one custom API patch remains.
Reviewed-on: https://gerrit.libreoffice.org/60697
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit
56ac8214ab35387f8861044b62c79fae6d7ccac5)
Change-Id: I13dc4f62be86d0859862cbd95bb14e07bbcf53d6
Miklos Vajna [Tue, 17 Jul 2018 19:23:40 +0000 (17 21:23 +0200)]
pdfium: update to 3471
Allows dropping 4 API patches + the one that allows building against
system ICU.
Reviewed-on: https://gerrit.libreoffice.org/57588
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
(cherry picked from commit
1445d84cdc906fabf6cc7a59f3c94b4049477701)
Change-Id: Ib5c63ba7daf51b320c07b24486f7398bf71bcfbf
Miklos Vajna [Mon, 19 Oct 2020 14:50:07 +0000 (19 16:50 +0200)]
xmlsecurity: handle MDP permission during PDF verify
(cherry picked from commit
586f6abee92af3cdabdce034b607b9a046ed3946)
Conflicts:
include/vcl/filter/PDFiumLibrary.hxx
vcl/source/pdf/PDFiumLibrary.cxx
xmlsecurity/source/helper/pdfsignaturehelper.cxx
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105785
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
00479937dc071246cc27f33fd6397668448a7ed9)
Change-Id: I626fca7c03079fb0374c577dcfe024e7db6ed5b3
Miklos Vajna [Fri, 16 Oct 2020 16:15:21 +0000 (16 18:15 +0200)]
vcl pdf tokenizer: fix handling of dict -> array -> dict tokens
Needed to be able to parse the /Reference key of signatures.
(cherry picked from commit
056c1284d6a68525002c54bef10834cc135385db)
Conflicts:
vcl/qa/cppunit/filter/ipdf/ipdf.cxx
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105626
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
8f46af565680bef0ff8ca32781e6d813a7446543)
Change-Id: I6b81089a3f58a2de461ad92ca5a891c284f8686a
Stephan Bergmann [Wed, 25 Nov 2020 08:13:12 +0000 (25 09:13 +0100)]
Better handling of Java files
Change-Id: Ifa662be39ac7d35241ee31956e2556b7ba3b5a02
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106558
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit
696739056f37430154d6333b8f7228d1c44d09b3)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106520
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit
ec5adc39cbea6d754ef68ab3d03fb16066b27e40)
Caolán McNamara [Mon, 23 Nov 2020 14:33:06 +0000 (23 14:33 +0000)]
CVE-2020-25713 raptor2: malformed input file can lead to a segfault
due to an out of bounds array access in
raptor_xml_writer_start_element_common
use a better fix than the initial suggestion
See:
https://bugs.mageia.org/show_bug.cgi?id=27605
https://www.openwall.com/lists/oss-security/2020/11/13/1
Change-Id: Ida4783a61412ffce868eacf81310da338d3e2df1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/106249
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
Tested-by: Jenkins
(cherry picked from commit
43433f42017014a472a253314a6ac58a6774dced)
Miklos Vajna [Fri, 4 Sep 2020 15:17:48 +0000 (4 17:17 +0200)]
xmlsecurity: pdf incremental updates that are non-commenting are invalid
I.e. it's OK to add incremental updates for annotation/commenting
purposes and that doesn't invalidate existing signatures. Everything else
does.
(cherry picked from commit
61834cd574568613f0b0a2ee099a60fa5a8d9804)
Conflicts:
include/vcl/filter/PDFiumLibrary.hxx
vcl/source/pdf/PDFiumLibrary.cxx
Change-Id: I4607c242b3c6f6b01517b02407e9e7a095e2e069
Conflicts:
xmlsecurity/qa/unit/signing/signing.cxx
Miklos Vajna [Fri, 24 Jul 2020 09:29:27 +0000 (24 11:29 +0200)]
xmlsecurity: detect unsigned incremental update between signatures
(cherry picked from commit
7468d5df5ec79783eae84b62bdc5ecf12f0ca255)
Conflicts:
vcl/source/filter/ipdf/pdfdocument.cxx
xmlsecurity/source/pdfio/pdfdocument.cxx
Change-Id: I269ed858852ee7d1275adf340c8cc1565fc30693
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99480
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tomaž Vajngerl [Sun, 31 May 2020 09:50:20 +0000 (31 11:50 +0200)]
pdfium: only init pdfium library once and destroy on LO exit
With more and more usage of PDFium, it is hard to keep track of
the life-time of the PDFium library, so it can happen that a
FPDF_DestroyLibrary happens when we still have another instance
where PDFium is still in use. The result of this is a crash. To
prevent this, just initialize the library once and delete it
on LO exit.
This can be improved in the future to only keep the library
active when in actual use.
[ Leaving out the vector graphic search bits, the motivation is to just
have this in libreoffice-7-0, so that recent pdf sig verify improvements
can be backported. ]
(cherry picked from commit
067a8a954c8e1d8d6465a4ab5fb61e93f16c26c2)
Conflicts:
vcl/source/graphic/VectorGraphicSearch.cxx
Change-Id: I5c7e5de7f8b97d10efb394c67c7a61b976c8d57c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102317
Tested-by: Miklos Vajna <vmiklos@collabora.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit
b7de766b4dc5b4810277069bcf53a9f3737e87da)
Conflicts:
svx/source/svdraw/svdpdf.cxx
svx/source/svdraw/svdpdf.hxx
vcl/Library_vcl.mk
vcl/qa/cppunit/pdfexport/pdfexport.cxx
vcl/source/filter/ipdf/pdfread.cxx
Miklos Vajna [Wed, 2 Sep 2020 10:37:18 +0000 (2 12:37 +0200)]
xmlsecurity: avoid saying OK when the signature is partial
That's reserved for valid signatures (digest match, certificate
validates and the signature covers the whole document).
Also avoid "invalid" in the dialog when the digest matches and the
signature is just incomplete.
This now uses wording which is closer to Acrobat and also uses the same
wording on the infobar and in the dialog.
Change-Id: I26e4781d555b65cf29aa8df2232e286917235dc1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/101926
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102188
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
46efad443472679b93b282c8e08b807d7e8f1a78)
Conflicts:
xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
Miklos Vajna [Mon, 31 Aug 2020 11:34:17 +0000 (31 13:34 +0200)]
xmlsecurity: fix infobar vs signature dialog inconsistency
The infobar mentioned if a signature is partial, but the dialog just has
a bool UI for signatures. Then present "good, but partial" as "bad".
(cherry picked from commit
3ba1144cb96c710e665ffb3ada26fb6a48a03472)
Change-Id: I698190aa77702000b11d635bd038d9c9a91614ac
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/101844
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
8696c20cbf5c816ded9fee469616cb693b4572b0)
Conflicts:
xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
Michael Stahl [Fri, 7 Aug 2020 16:57:00 +0000 (7 18:57 +0200)]
nss: upgrade to release 3.55.0
Fixes CVE-2020-6829, CVE-2020-12400 CVE-2020-12401 CVE-2020-12403.
(also CVE-2020-12402 CVE-2020-12399 in older releases since 3.47)
* external/nss/nss.nspr-parallel-win-debug_build.patch:
remove, merged upstream
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100345
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit
495a5944a3d442cfe748a3bb0dcef76f6a961d30)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100420
Reviewed-by: Xisco Fauli <xiscofauli@libreoffice.org>
(cherry picked from commit
227d30a3a17f2fffb1a166cdc3e2a796bb335214)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100590
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit
94cecbfdf3cf01fe3d5658c7edf78696da2a249f)
Change-Id: I8b48e25ce68a2327cde1420abdaea8f9e51a7888
Jan-Marek Glogowski [Wed, 26 Jun 2019 16:09:19 +0000 (26 18:09 +0200)]
NSS: enable parallel build
Since NSS 3.53, the Makefile based build should be fixed (upstream
bug 290526). The only missing patch is a minimal NSPR fix for the
"NSPR, configure + make, parallel, Windows, MS VS, debug" build.
That patch isn't included in the NSPR 4.25 release (but it's already
in the mercurial repo for NSPR 4.26).
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/95218
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de>
(cherry picked from commit
b56e8d6def26a0430853835e997f1be841840a61)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100419
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit
c1bce55faebd9ad8751d7b6b9a7f77dff7b3d507)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/100589
(cherry picked from commit
3e4dbb1708d4b3b7619602b63602b884a7bb2caa)
Change-Id: I8eaa3792a12bdff734e56ac3f552991478957e23
Michael Stahl [Mon, 29 Jun 2020 12:00:56 +0000 (29 14:00 +0200)]
curl: upgrade to release 7.71.0
Fixes CVE-2020-8169, and about 3 other ones that don't affect LO/libcmis.
Disable new optional dependencies "ngtcp2" and "quiche".
Change-Id: I595ed909c4e792ac3244643511a338b117e7f102
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97406
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit
cb0c7e26e5708010b1fe941ae2f66134f31ed876)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97386
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit
43130216127913d30074d3fe99c5706dcce44dee)
Stephan Bergmann [Wed, 27 Nov 2019 09:28:52 +0000 (27 10:28 +0100)]
external/liblangtag: Avoid null pointer deref in lt_warning call
Recent GCC 10 trunk warns (when LO is configured with --enable-optimized):
> In file included from lt-script-db.c:24:
> lt-script-db.c: In function ‘lt_script_db_parse.constprop’:
> lt-messages.h:105:2: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
> 105 | lt_message_printf(LT_MSG_WARNING, \
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 106 | LT_MSG_FLAG_NONE, \
> | ~~~~~~~~~~~~~~~~~~~
> 107 | 0, \
> | ~~~~~~
> 108 | __VA_ARGS__)
> | ~~~~~~~~~~~~
> lt-script-db.c:137:4: note: in expansion of macro ‘lt_warning’
> 137 | lt_warning("No subtag node: description = '%s'",
> | ^~~~~~~~~~
> lt-script-db.c:137:47: note: format string is defined here
> 137 | lt_warning("No subtag node: description = '%s'",
> | ^~
Change-Id: I2924f7aab84f4f2640f277ee5c2689753627ae78
Reviewed-on: https://gerrit.libreoffice.org/83869
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit
047e8ae5d189f030d565b13f97a4d6a45b00e6be)