[Libreoffice-qa] minutes of ESC call ...
Caolán McNamara
caolanm at redhat.com
Fri Apr 21 12:40:54 UTC 2017
On Thu, 2017-04-20 at 20:08 +0100, Michael Meeks wrote:
>
> + Google / ossfuzz: 27 fuzzers active now
> - unfortunately, addition of the doc one tipped us over some
> upstream build infrastructure space limit so builds broken
> upstream until that's sorted out
> https://oss-fuzz-build-logs.storage.googleapis.com/status.htm
Fixed again now, FWIW.
> + CVE 2017-7870 out for LibreOffice, HWP thing (Bjoern)
> + five filed in RH bugzilla automatically
There were 4 CVEs and I've documented them now in our advisory section.
CVE-2016-10327 (emf), CVE-2017-7856 (svm), CVE-2017-7882 (hwp) and CVE-
2017-7870 (wmf, polygon splitting). CVE-2017-7856 and CVE-2017-7882
refer to specific temporary bugs which were never in a release. The
other two are fixed since >= 5.2.5 (or 5.3.0).
More information about the LibreOffice
mailing list