CVE-2017-7870

Priority
Medium
Description
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a
heap-based buffer overflow related to the tools::Polygon::Insert function
in tools/source/generic/poly.cxx.
References
Bugs
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):not-affected (1:5.3.1-0ubuntu2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:4.2.8-0ubuntu5.1)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1:5.1.6~rc2-0ubuntu1~xenial2)
Ubuntu 16.10 (Yakkety Yak):released (1:5.2.2-0ubuntu2.1)
Ubuntu 17.04 (Zesty Zapus):not-affected (1:5.3.1-0ubuntu2)
Patches:
Upstream:https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [transitional packages])
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 16.10 (Yakkety Yak):DNE
Ubuntu 17.04 (Zesty Zapus):DNE
More Information

Updated: 2017-05-10 22:34:57 UTC (commit 12521)