From a2368a87d2ec927a9fa11c5f679fd99b7b697742 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Wed, 21 Aug 2024 14:46:17 +0300 Subject: [PATCH] import libreoffice-7.1.8.1-14.el9_4 --- ...o-trust-not-validated-macro-signatur.patch | 79 +++++++++++++++++++ SPECS/libreoffice.spec | 7 +- 2 files changed, 85 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0001-CVE-2024-6472-remove-ability-to-trust-not-validated-macro-signatur.patch diff --git a/SOURCES/0001-CVE-2024-6472-remove-ability-to-trust-not-validated-macro-signatur.patch b/SOURCES/0001-CVE-2024-6472-remove-ability-to-trust-not-validated-macro-signatur.patch new file mode 100644 index 0000000..e40773a --- /dev/null +++ b/SOURCES/0001-CVE-2024-6472-remove-ability-to-trust-not-validated-macro-signatur.patch @@ -0,0 +1,79 @@ +From 1dec4285bd4c59c23a6a9a56cee9a66ebe0ba6c3 Mon Sep 17 00:00:00 2001 +Message-ID: <1dec4285bd4c59c23a6a9a56cee9a66ebe0ba6c3.1723721182.git.erack@redhat.com> +From: Sarper Akdemir +Date: Tue, 11 Jun 2024 12:39:36 +0200 +Subject: [PATCH] remove ability to trust not validated macro signatures in + high security +MIME-Version: 1.0 +Content-Type: multipart/mixed; boundary="------------erAck-patch-parts" + +This is a multi-part message in MIME format. +--------------erAck-patch-parts +Content-Type: text/plain; charset=UTF-8; format=fixed +Content-Transfer-Encoding: 8bit + + +Giving the user the option to determine if they should trust an +invalid signature in HIGH macro security doesn't make sense. +CommonName of the signature is the most prominent feature presented +and the CommonName of a certificate can be easily forged for an +invalid signature, tricking the user into accepting an invalid +signature. + +in the HIGH macro security setting only show the pop-up to +enable/disable signed macro if the certificate signature can be +validated. + +cherry-picked without UI/String altering bits for 24-2 + +Change-Id: Ia766fb701660160ee5dc9f6e077f4012a44ce721 +Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168667 +Tested-by: Jenkins +Reviewed-by: Sarper Akdemir +(cherry picked from commit 2beaa3be3829303e948d401f492dbfd239d60aad) +Reviewed-on: https://gerrit.libreoffice.org/c/core/+/169525 +Reviewed-by: Thorsten Behrens +Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171306 +Reviewed-by: Caolán McNamara +Tested-by: Caolán McNamara +Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171314 +Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171315 +--- + sfx2/source/doc/docmacromode.cxx | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + + +--------------erAck-patch-parts +Content-Type: text/x-patch; name="0001-remove-ability-to-trust-not-validated-macro-signatur.patch" +Content-Transfer-Encoding: 8bit +Content-Disposition: attachment; filename="0001-remove-ability-to-trust-not-validated-macro-signatur.patch" + +diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx +index 919033cbaf5d..33d546f2920a 100644 +--- a/sfx2/source/doc/docmacromode.cxx ++++ b/sfx2/source/doc/docmacromode.cxx +@@ -228,14 +228,18 @@ namespace sfx2 + // check whether the document is signed with trusted certificate + if ( nMacroExecutionMode != MacroExecMode::FROM_LIST ) + { ++ SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState(); ++ + // the trusted macro check will also retrieve the signature state ( small optimization ) + const SvtSecurityOptions aSecOption; + const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN + && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE +- || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors)); ++ || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors)) ++ && (nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_WARN ++ || nSignatureState == SignatureState::OK); ++ + const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor); + +- SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState(); + if ( nSignatureState == SignatureState::BROKEN ) + { + if (!bAllowUIToAddAuthor) + +--------------erAck-patch-parts-- + + diff --git a/SPECS/libreoffice.spec b/SPECS/libreoffice.spec index a524c3a..d0bb226 100644 --- a/SPECS/libreoffice.spec +++ b/SPECS/libreoffice.spec @@ -57,7 +57,7 @@ Summary: Free Software Productivity Suite Name: libreoffice Epoch: 1 Version: %{libo_version}.1 -Release: 13%{?libo_prerelease}%{?dist}.inferit +Release: 14%{?libo_prerelease}%{?dist}.inferit License: (MPLv1.1 or LGPLv3+) and LGPLv3 and LGPLv2+ and BSD and (MPLv1.1 or GPLv2 or LGPLv2 or Netscape) and Public Domain and ASL 2.0 and MPLv2.0 and CC0 URL: http://www.libreoffice.org/ @@ -307,6 +307,7 @@ Patch41: 0004-CVE-2023-6186-reuse-AllowedLinkProtocolFromDocument-in-writer.patc Patch42: 0005-CVE-2023-6186-reuse-AllowedLinkProtocolFromDocument-in-impress-dra.patch Patch43: 0006-CVE-2023-6186-backporting.patch Patch44: 0001-CVE-2024-3044-add-notify-for-script-use.patch +Patch45: 0001-CVE-2024-6472-remove-ability-to-trust-not-validated-macro-signatur.patch # MSVSphere Patch50: 0001-Cleanup-vendor-in-aboutdialog.patch @@ -2313,6 +2314,10 @@ gtk-update-icon-cache -q %{_datadir}/icons/hicolor &>/dev/null || : %{_includedir}/LibreOfficeKit %changelog +* Thu Aug 15 2024 Eike Rathke - 1:7.1.8.1-14 +- Fix CVE-2024-6472 remove ability to trust not validated macro signatures in + high security + * Fri Jun 07 2024 Eike Rathke - 1:7.1.8.1-13 - Fix CVE-2024-3044 add notify for script use