| 851abcd9 | 31-Aug-2016 |
truckman |
Fix -Wformat-security warnings.
There are a number of instances where the code calls *printf() to
print arbitrary strings and the string is passed as the format
argument to *printf()
Fix -Wformat-security warnings.
There are a number of instances where the code calls *printf() to
print arbitrary strings and the string is passed as the format
argument to *printf(). Since these strings might contain %
conversion sequences, this is a security hazard. Fix the problem
by printing the strings with a "%s" format.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758644 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 0f3868f6 | 31-Aug-2016 |
truckman |
Fix -Wformat-security warnings.
CreateT3FromTTGlyphs() uses a bunch of "const char *" variables to hold
the format strings for its fprintf() calls resulting in warnings that
the form
Fix -Wformat-security warnings.
CreateT3FromTTGlyphs() uses a bunch of "const char *" variables to hold
the format strings for its fprintf() calls resulting in warnings that
the format strings for these calls are not string literals. Suppress
these warnings by changing the variables to be "const char * const".
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758639 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| dd5ae8a3 | 31-Aug-2016 |
truckman |
Get rid of the inline version of FindFtnRef() that just calls itself,
which causes infinite recursion. Callers should just use the external
method.
git-svn-id: https://svn
Get rid of the inline version of FindFtnRef() that just calls itself,
which causes infinite recursion. Callers should just use the external
method.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758637 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 3a197fe0 | 31-Aug-2016 |
truckman |
Fix a typo on a header guard.
The other instances of the -Wheader-guard warning are in ext_sources code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758
Fix a typo on a header guard.
The other instances of the -Wheader-guard warning are in ext_sources code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758633 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| d9aeb0c3 | 31-Aug-2016 |
truckman |
In ExceptionThrower::throwException(), call ::cppu::throwException()
instead of recursing infinitely.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758630 13f7
In ExceptionThrower::throwException(), call ::cppu::throwException()
instead of recursing infinitely.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758630 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 3616bdb9 | 29-Aug-2016 |
damjan |
Port main/fileaccess to gbuild.
Patch by: me
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758161 13f79535-47bb-0310-9956-ffa450edef68 |
| 8aefc987 | 28-Aug-2016 |
truckman |
Upgrade bundled libxml2 from version 2.9.3 to version 2.9.4 to fix:
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
Upgrade bundled libxml2 from version 2.9.3 to version 2.9.4 to fix:
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-3627
CVE-2016-3705
CVE-2016-4449
CVE-2016-4483
It is not known whether any of these affect OpenOffice.
Import a post-2.9.4 patch from the upstream git repo to fix a build
problem on systems with pre-C99 compilers.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758150 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 6fdc6058 | 28-Aug-2016 |
truckman |
The old download location for the dmake source is gone. Update the
suggested dmake download URL to
<http://sourceforge.net/projects/oooextras.mirror/files/dmake-4.12.tar.bz2>.
The old download location for the dmake source is gone. Update the
suggested dmake download URL to
<http://sourceforge.net/projects/oooextras.mirror/files/dmake-4.12.tar.bz2>.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758093 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| e6091915 | 28-Aug-2016 |
truckman |
Follow up to r1758061. Only pass -DPRECOMPILED_HEADERS to the compiler
when the precompiled header is actually going to be used.
git-svn-id: https://svn.apache.org/repos/asf/o
Follow up to r1758061. Only pass -DPRECOMPILED_HEADERS to the compiler
when the precompiled header is actually going to be used.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758092 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 7517f704 | 27-Aug-2016 |
truckman |
#i117845# [gbuild] invalid link-target dep-files can be generated
Fix the Windows build performance regression with precompiled headers
introduced by the fix for #i117845# that was merg
#i117845# [gbuild] invalid link-target dep-files can be generated
Fix the Windows build performance regression with precompiled headers
introduced by the fix for #i117845# that was merged from
branches/gbuild-reintegration by r1755455.
The use of precompiled headers is triggered by the use of two compiler
flags, -DPRECOMPILED_HEADERS which triggers the inclusion of a special
header for the library that includes all of the include files needed
for any source file in the library, and -Yu[headername] which tells the
the Microsoft compiler to use the precompiled version of this header.
It would be nice if these two flags were added to the compiler flags
at the same time, but they are not. The -DPRECOMPILED_HEADERS flag
is always added if the library is configured to use precompiled
headers, but the -Yu flag is only added conditionally if the flags
for building a particular source file match those that were used to
precompile the header. A further condition is the presence of
$(PCH_NAME), which is set as a target-specific variable on the
library, and which is supposed to be inherited by its dependencies
to be used when compiling the source files for the library.
Unfortunately the fix for #i117845 caused the source and object
files to be dependencies of a different target, which did not
have $(PCH_NAME) set. They did not inherit $(PCH_NAME), so they
were compiled with -DPRECOMPILED_HEADERS, but not -Yu, causing the
compiler to do more work than in the case where the precompiled
header option is disabled resulting in longer builds with the use
of this option.
Fix by setting a target-specific $(PCH_NAME) for the new target.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758061 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 4b3d8ae2 | 27-Aug-2016 |
pescetti |
#i127090# Provide fallback copy of gtest-1.7.0.zip on OOoExtras
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1758038 13f79535-47bb-0310-9956-ffa450edef68 |
| ad35682b | 27-Aug-2016 |
truckman |
Restore the --with-nasm-home code added to configure by r1756954
that was inadvertently deleted by r1757861.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@17579
Restore the --with-nasm-home code added to configure by r1756954
that was inadvertently deleted by r1757861.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757950 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 83fd49d4 | 27-Aug-2016 |
kschenk |
Commented out reference to HAMCREST_CORE_JAR since it is not used in current configure.ac.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757933 13f79535-47bb-0310-
Commented out reference to HAMCREST_CORE_JAR since it is not used in current configure.ac.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757933 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| f0157b90 | 26-Aug-2016 |
kschenk |
Put configure.ac back to r1755455 before junit, hamcrest vesion checks.
Newere versions have not been reverted.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@17
Put configure.ac back to r1755455 before junit, hamcrest vesion checks.
Newere versions have not been reverted.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757861 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| f78a4bb8 | 26-Aug-2016 |
truckman |
Upgrade bundled raptor from raptor-1.4.18 to raptor2-2.0.15 to get the
fix for CVE-2012-0037. It is not know whether this vulnerability
affects OpenOffice.
Also upgrade rasqal from
Upgrade bundled raptor from raptor-1.4.18 to raptor2-2.0.15 to get the
fix for CVE-2012-0037. It is not know whether this vulnerability
affects OpenOffice.
Also upgrade rasqal from version 0.9.16 to version 0.9.33 and redland
from version 1.0.8 to version 1.0.17 since all three packages are
closely related parts of the OpenOffice redland module for handling RDF.
OpenDocument version 1.2 documents contain an RDF metadata blob for
things like bookmarks and OLE objects.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757789 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 67098795 | 25-Aug-2016 |
pescetti |
#i127087# Update Portuguese dictionary to version 16.7.4.1
Patch-by: Pedro Lino
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757751 13f79535-47bb-0310-9956-ffa450e
#i127087# Update Portuguese dictionary to version 16.7.4.1
Patch-by: Pedro Lino
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757751 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| f70225e2 | 25-Aug-2016 |
pescetti |
#i127087# Update English dictionary to version 2016.07.01.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757745 13f79535-47bb-0310-9956-ffa450edef68 |
| 80bddf5a | 21-Aug-2016 |
pescetti |
#i126864# Language support: Add Venetan (vec)
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1757080 13f79535-47bb-0310-9956-ffa450edef68 |
| a8693330 | 19-Aug-2016 |
truckman |
Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h which
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenS
Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h which
fixes many vulnerabiliies and adds support for newer, more secure
ciphers and versions of the protocol.
Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites,
CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next
OpenSSL release. Their potential impact is low enough that that
various Linux distros have chosen not to apply the upstream patches
to the versions that they distribute.
On Windows, there is an optional new dependency on NASM,
<http://www.nasm.us/>. If NASM is not available, then the C
implementations of the low-level crypto code will be used instead
of the optimized assembly language versions. Since OpenOffice is
not a heavy user of this code, the impact should be minor. If NASM
is installed, but its location is not in $PATH, the directory
containing nasm.exe should be passed to configure using --with-nasm-home.
The fallback to the C crypto implementation also happens on Linux
if the version of gcc is sufficently old to indicate that the
toolchain is likely to not support the some of the instructions in
the assembly language versions of the code.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756954 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 4ca1d3aa | 12-Aug-2016 |
truckman |
Upgrade bundled libxslt from version 1.1.28 to version 1.1.29 to fix:
CVE-2016-1683
CVE-2016-1684
Whether any of these affect the OpenOffice usage of libxslt is not known.
Upgrade bundled libxslt from version 1.1.28 to version 1.1.29 to fix:
CVE-2016-1683
CVE-2016-1684
Whether any of these affect the OpenOffice usage of libxslt is not known.
OpenOffice uses libxslt for help, document signing and encryption, and
for RDF.
libxslt-CVE-2015-7995.patch is no longer needed because this issue
has been fixed upstream.
Re-roll the other patches, some of which got simplified because of
upstream fixes.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756231 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| f306dc6e | 11-Aug-2016 |
truckman |
Upgrade bundled curl to version 7.50.1 to fix:
CVE-2016-5419
CVE-2016-5420
CVE-2016-5421
Whether any of these affect the OpenOffice usage of curl is not known.
Upgrade bundled curl to version 7.50.1 to fix:
CVE-2016-5419
CVE-2016-5420
CVE-2016-5421
Whether any of these affect the OpenOffice usage of curl is not known.
OpenOffice only uses curl to access ftp:// URLs, which is likely to be
only rarely done.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1756017 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| a171ac4e | 10-Aug-2016 |
truckman |
#i127069#: bundled expat version 2.1.0 has two vulnerabilities
Upgrade bundled expat to version 2.2.0, which fixes:
CVE-2016-5300
CVE-2012-6702
It is not kno
#i127069#: bundled expat version 2.1.0 has two vulnerabilities
Upgrade bundled expat to version 2.2.0, which fixes:
CVE-2016-5300
CVE-2012-6702
It is not known whether these can be exploited when expat is used
as part of OpenOffice. All of input files to expat seem to come
from the OpenOffice source.
One patch is needed to the expat source, without which saxparser
crashes during the build. It has been submitted upstream, see
<https://sourceforge.net/p/expat/bugs/539/>. It is only triggered
when building expat with -DXML_UNICODE which is not the default,
but this flag is used when building the bundled expat.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1755873 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 0827b6cd | 10-Aug-2016 |
damjan |
Improve junit and hamcrest version detection.
Patch by: me
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1755788 13f79535-47bb-0310-9956-ffa450edef68 |
| 26b7a88b | 09-Aug-2016 |
truckman |
APR and APR-util were upgraded to 1.5.2 and 1.5.4 by r1745407. There
is no reason to keep the old source tarballs around.
git-svn-id: https://svn.apache.org/repos/asf/openoffi
APR and APR-util were upgraded to 1.5.2 and 1.5.4 by r1745407. There
is no reason to keep the old source tarballs around.
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1755656 13f79535-47bb-0310-9956-ffa450edef68
show more ...
|
| 317f9b58 | 09-Aug-2016 |
damjan |
Only enable subsequent checks if JUnit is available.
Patch by: me
git-svn-id: https://svn.apache.org/repos/asf/openoffice/trunk@1755631 13f79535-47bb-0310-9956-ffa450edef68 |