[Libreoffice-qa] minutes of ESC call ...

Caolán McNamara caolanm at redhat.com
Fri Apr 21 12:40:54 UTC 2017

On Thu, 2017-04-20 at 20:08 +0100, Michael Meeks wrote:
>     + Google / ossfuzz: 27 fuzzers active now
>       - unfortunately, addition of the doc one tipped us over some
>         upstream build infrastructure space limit so builds broken
>         upstream until that's sorted out
>         https://oss-fuzz-build-logs.storage.googleapis.com/status.htm

Fixed again now, FWIW.

>     + CVE 2017-7870 out for LibreOffice, HWP thing (Bjoern)
>        + five filed in RH bugzilla automatically

There were 4 CVEs and I've documented them now in our advisory section.
CVE-2016-10327 (emf), CVE-2017-7856 (svm), CVE-2017-7882 (hwp) and CVE-
2017-7870 (wmf, polygon splitting). CVE-2017-7856 and CVE-2017-7882
refer to specific temporary bugs which were never in a release. The
other two are fixed since >= 5.2.5 (or 5.3.0).

More information about the LibreOffice mailing list