| Errata ID | 57 |
|---|---|
| Date | 2018-05-16 |
| Source package | libreoffice |
| Fixed in version | 1:5.2.7-1+deb9u4 |
| Description | This update addresses the following issues: * Improvement to not throw more errors than neccessary (use the right error code) on WEBSERVICE() failures. * Do another replacement of FormulaError::NoValue to formula::errNoValue for clarity. * Backport from 5.4 branch to let FunctionAccess execute WEBSERVICE. * CVE-2018-10119: Use after free in sdstor/stgstrms.cxx:StgSmallStrm class allows for denial of service with crafted document * CVE-2018-10120: Out of bounds write in filter/ww8/ww8toolbar.cxx:SwCTBWrapper class allows for denial of service with crafted document |
| Additional notes | |
| CVE ID | CVE-2018-10119 CVE-2018-10120 |
| UCS Bug number | #46634 |
