Accepting request 1186978 from LibreOffice:Factory

24.2.5 + security updates

OBS-URL: https://build.opensuse.org/request/show/1186978
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libreoffice?expand=0&rev=295

cve-2024-5261.patch

@@ -0,0 +1,29 @@
+commit bdb47881a214b659b6102c78e5e082197ecf15c7
+Author: Thorsten Behrens <thorsten.behrens@allotropia.de>
+Date:   Thu May 16 17:43:38 2024 +0200
+
+    Revert "tdf#109347: don't verify SSL certificate for crashreport upload"
+    
+    With recent improvements in libcurl CA usage on Linux, this workaround
+    is no longer needed. See also 11f439b861922b9286b2e47ed326f3508a48d44e
+    
+    This reverts commit ec4229bc49a315f3f17664bb43e61d3b2e13fb87.
+    
+    Change-Id: I09124691687297f3b6ae0b9ca64652809caf3a11
+    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/167752
+    Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
+    Tested-by: Jenkins
+    Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
+
+diff --git a/desktop/source/minidump/minidump.cxx b/desktop/source/minidump/minidump.cxx
+index 90d23f51acf3..6e0b0141869d 100644
+--- a/desktop/source/minidump/minidump.cxx
++++ b/desktop/source/minidump/minidump.cxx
+@@ -119,7 +119,6 @@ static bool uploadContent(std::map<std::string, std::string>& parameters, std::s
+ 
+     curl_easy_setopt(curl, CURLOPT_URL, url.c_str());
+     curl_easy_setopt(curl, CURLOPT_USERAGENT, kUserAgent);
+-    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, false);
+     // Set proxy information if necessary.
+     if (!proxy.empty())
+     {

libreoffice-24.2.4.2.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9e3180a550af2c5f5c70a64516ef083ca6149076beafee33d83c4edb55b5ee83
-size 279938452

libreoffice-24.2.4.2.tar.xz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEEwoOeytlAj76VMcPp9DSh76/urqMFAmZe8MAACgkQ9DSh76/u
-rqMozg//TAcRAZN16MJ3LgUwDOiw/UWqfWE+VlYqsYQNVjmg8MVxNpqBX1SHVhM+
-/rNse2RPImgrZkasIrB3v2qWE9S8PDlHOCFO0CD2w56kLr9T5EyM1WbvhLLtC3Ei
-8Ar5ndysG6FGwhqh4F4JWerfcJoH+gAtLC+NONfZJb7oyJVbvuntcKCzIURiNpUk
-9PvdsImF1JhRsPkfuQeV62W+xWt53KXYH2dyvwj91Hns6bmJOF00zXIy1hWaw5nY
-BWDs7uIXakP7UWQKLwl4Tw/7qAFtaAA0KSxJS63G0m+kX1NJz6Z6sbGZxp7PZ5KS
-pRMmmiL7ItJIiBk54kulfL5wmrJELR9LmDec1QcqyPgGuJrIpIPLt7QF82JkJ7me
-O0EPsXOaOLpwQZeT8ng4y+MsdARqlYOlSpCUDreq4WDYMtTeo5RFyH9XvihiLTCe
-ugCDJvIjp71upMrcF2nUMjfpg21WLq/UYHit9xkLZK+5rlO2/qx5hdIZuQspWoyF
-Jae+MSaDIpRVrXubtrR72GVzSIz0XO8okrcbZV5AcJfWwSL448ivHFL7jw5Qje07
-jgAAZv92j8VPZk5jlcx9zqmBAqKKmSerVOsFTw3sNzHxO5wVs/UZCiluO301pKDW
-yXH+tQXjZMcbnntamdeqOZJTKiTLbx8WdZLHPgWj8EJ7hJBWON8=
-=ec2/
------END PGP SIGNATURE-----

libreoffice-24.2.5.2.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9c16e4f7415521e42dda48d76a614e18e78fc5e5fae689b4bbe8139ed8a70a0e
+size 280162592

libreoffice-24.2.5.2.tar.xz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIyBAABCAAdFiEEwoOeytlAj76VMcPp9DSh76/urqMFAmaOpuQACgkQ9DSh76/u
+rqN2YA/3a3Uk78OIx+RLLGEQo40ABYqjWfsmC0r8mpxMG657i7SkO7WZsE6YCMFp
+RCmMwOqN7WEQWEkaYg5Lpt+9lHpFaxN3/XIpe7h8PZQtlNyJkdMP4YQSeXTwnI1x
+U5bG/xF7F2hkilwTD2OSUGGyJCYBEb2L4hxtGn2FJiaWMy0KJyvUgQeFUPjOxthj
+baFUFodnAX9KZWzke28u6yGYQg0202Moa6L/gEqTZK+zdtXJBOIwQwnIJ6tZdQSJ
+AOEdOpvUTtP6g8TtGXst3Ffg/SUycdRiOF3jpi5YcyO2Mz8ZQct+LqPN2P7kj5nP
+0QY4X48zAKiQ3hELOa2DNyQkWJKUdaSok7nzqZ4PWT5sdwLUEoyDU4Iu5g4C9Nvr
+R131zeR0TtIbfPyNOijknW6DvMTMkI+khcEQ0alPYMblGdWJA2LS/1Ocgz9Vn6NO
++e3tdYg9n6Gves8DrXSIjKElFY1guYnRC0SuO05Owh1tkwB2XFq8VmTvttc0KWt+
+BUR6U5IeHATsq/IlRmRa6Wgb1GBj6XrR31NF8CMVzfLMQo+2pZvWd8FDWSs1KwKS
+EDrLVSTfNs0YKRmVh2XLoCYLxOoJd2wwwnq/Vd7xh4iPsfvdncNZYV1RJQirzXJd
+E7hjo7GVtTjY17YnSbNxc8NafCbWkChaMEVbFTVg3TKb0j/2Aw==
+=aVgl
+-----END PGP SIGNATURE-----

libreoffice-help-24.2.4.2.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d818370c54012ba2ecde41bb3a63275e9e6a1087fc239c87fbe7722753067cea
-size 167013820

libreoffice-help-24.2.4.2.tar.xz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEEwoOeytlAj76VMcPp9DSh76/urqMFAmZe8MMACgkQ9DSh76/u
-rqOjDRAArbzMi+dtDS2lDwsMj5BIWy2FRxq0L/ZYkwKEaOg9xnPgbXqd5w1uV+X5
-n9eDvJbKWZzo6+P9GeBq4aC4r18iUXKc8NQk+n8GJAktH0ur8NOjw4S6gupcaLgd
-385Txopn03s5URTYCaysaI0BcdYcPONu1dO4kfzdM4HZhJYwEgZEf2z22QN5GQM6
-X5lAz0vo7oQUicC9Jp9omAgPbBt1PdGA7SvFZNI9XzSYAOVOcGiCMlUkZ84oVBIC
-vXT8BK6RLOMmGo4CxFsYv2H1jJL/wde6p2XmtOMDEOpUMVJa/WxIADGdkE9RrJe6
-PtjeAbp++pwLfkBToSjv7mrafEteaUI/DPV7aKFVbnNJqali0C8aPFnnU3uVarzE
-iIbfJKfsRKTRz8+qp1iSc///EaGrdsHyWmYkTFYn7/8spSVg/WPO+JHXR3M6JEK3
-mrrDnaVP5xCerhxaUlWPWzLUP7mLEoXnN0QJ/wbQXYYXfG//gInJf9mcPMibiJsk
-zoBZFdul0ISVScvQnyGYtvjmJx1S71qosI0g7wSd/aOhenIW/iP+FsRoZ+sLL1+x
-Fs5Oa2cb1PATedp6sv8cU27/LiIPcNXFIrr55fBvfb/S+/tgcmeYyAJEywSyYKXW
-mPoph9QqOMHkOAFNQCzKDwSiN6JLm+cLLCeAqhrMTpxLd2miFsQ=
-=onMf
------END PGP SIGNATURE-----

libreoffice-help-24.2.5.2.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:545fdbcbb00ddff1acda18d33cfceec792d0a2ac0f92f4ecbe3f16691b8a1724
+size 167013608

libreoffice-help-24.2.5.2.tar.xz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEEwoOeytlAj76VMcPp9DSh76/urqMFAmaOpukACgkQ9DSh76/u
+rqOZZw//ZKvkUB72G2H19awUeWu6eFLE36ftppLd7ceDEJJlnNGrSGWlevZ5EFaf
+OZCb/urw6sP100zQmEq/AwwPKO61h7IH+prrzjrfcMxXmKcDDYCIFjXtZNx6/DMD
+YHqXLZuQphv79um/CAbDOJuWx/hd08XEefjIlc3Y0P4B90DTVLiy2JwTRMEMdxpp
+1C5YeD7bT72K7xj5sYvFg58UsGGRQhpK2+QPgT2qu/tHtLD53ujPpoB81RX5SpIA
+3gMJpTGn5ycvV797A5RpQUeC14aYc2eEvUid2nFSCdtPLMsvImYCC0YHuFq4X/Hi
+ItfqYot1JpT0wUX4539IwwsZjM9LW2OLa8mfOHeSu8owB8TJx1ykAAOuQACZfRBq
+DTf0BraRYBk43plU2Gk45aWlmOULNKi31hWsGjvy1q5sE1cPfX/wjAGnXc40UzPw
+BX6vbYpNWBtA5Vktpm73bNoyTxQdozZJCRCZij7yjsGOquQ2c8GFrXpR+6DSbJaS
+7R4kfJ5Jt7I7BllBY8ipOXnNVW80WOtfYEjNvZAljBOyUD4hKYnlgH6V8Xdf4CNm
+Z1VDlU1h74xOf8QQ0MBCVevoXETOFM3O4Yyhk8WvpmpiVTZvd12SpNazvVAViif3
+4IChjzwwpUbs8a1Aznq/uEykOchaTU1P6TwQ1tQmYFScz+uO6LA=
+=kaQ0
+-----END PGP SIGNATURE-----

libreoffice-translations-24.2.4.2.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b8f3dad0a88d7998a2a2333fb1d16c0187b3dfd480ecf65d3b71468160dc9fcd
-size 219388244

libreoffice-translations-24.2.4.2.tar.xz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEEwoOeytlAj76VMcPp9DSh76/urqMFAmZe8MYACgkQ9DSh76/u
-rqPOxw//Tw2pe44nfTRNMJiUO1M2XuIsoYwrLt/N7HYFDzrWPju98jUVgTIbLvBt
-TCOXpE5/prja2mNVQyApv1UTTauEbeZY+PfKm8bRWyd7n/ZtFYhXAjS8ZJJkIASZ
-912N5J3kAIIxYM2pmkgEvCD7aCVMmbYBH9RvbG6GC4teTr2nNu3MlTxdPMGfbwTL
-PbZFzXbEv1s8nkSR3qiW11kiYRw5tL3lrlVv0t15YbGacLHGqpvI8+aqIJAi+YG7
-iYc3buuisEMmcEtW2Nn47GAv/2Aypm8e8qcFbOtKH06/6qADA7IkWl8aTbBoCG5D
-T3Jp9YDnPChD0dcYXGoazlygGa5lPy4VCMCVThk5N82Nsh/3XHpU7j8w7ek4yT+W
-VE1dQDDGvvllsZpz5iMbrSMqmK9zAymqOX5JhDyanZsBNMlOgHnI4iHd+baa1Rb1
-soD9GI8w7UrnNJDS48QidpxtZpFKMvQ/xv6pfoNhTmCu1gsJHaWVPZPeJl3M4Rhs
-n0uka7KM1BCihR5+hKeEOafMOuJ2BKPVd7E+yQHbIK03CKxlFMiVQXV51E3mMTjl
-NM5CDP1jzk2taHY97gJ0r73IJWwP97jJ/4tk+rtGCCLqA887cdMSG9k1aUlFjunT
-ANRwKGxkR65R5j0V5N8ryKCUGVGSyRYtb0IBKv3afPhuKEgsDDo=
-=ft+E
------END PGP SIGNATURE-----

libreoffice-translations-24.2.5.2.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3cb01f83a3a605082b2054874741c74db69b8bdbd0c009304515fe547c20313b
+size 219379548

libreoffice-translations-24.2.5.2.tar.xz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEEwoOeytlAj76VMcPp9DSh76/urqMFAmaOpukACgkQ9DSh76/u
+rqMdxw/+M6B0ocSeZbTrKc3r2hG0Pawg9uKjuo8RNRZsWc1gkaH1PotPmDckVyhk
+62gokHB0R2Zk4KpuxAF/tpJHAaLE0bhq+C4tvvne9XmerIfJS9dXW7nVNvec3uJQ
+QxN/yI4tiEeXx46lPxfVNY10oj73mDrLQrtlrssjC0VE6GxvQI0Fe/dCJJQj812B
+cI7IsFU/ODqpE5ljnx3XspL6hkkgaoab3uBlDaw4d5RbsXzJ4dsPj0deZR4DNrTh
+mJGeDNHUU0bYIuO+RaMyf2SmO1CHB2leTgolkIdzpf3IM251rXXTx6hvwP7GCffS
+g4NaJykqlOIVGiULbFtfzVIBa/T/zcODlSlnSVT3Qt9G5NGuPR9ihxyGRGCC+jdH
+cME3Sn+O83Nca4RHpdiME1Y3wk/ExRhQnuGPM3YQQF5VPgcyBwTE9YwSvn9ne9IF
+Zb+ebcSsSYx2tH0QAnx2XHRsKnMyI/fXR6vIzSRIoMKdIaY/5AtSLaM/asaBoS4W
+BifSMPx4jQ91j/PmdFWk0uTkXP5NLlp4XZXUR4CYHZ2wgOBV2OE7dQowijsbYWFu
+pe6/sbPG0b4c9Z3Qdc95CAIOEyYFlOxpKadUNmu+SPyw41hRhfGSyNs/FZeSCa10
+I4pJBG9lvT3M3OgQEOmhuKzBL+McpT87lyrNf5+WkzGVBd0rlI0=
+=hwn7
+-----END PGP SIGNATURE-----

libreoffice.changes

@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Thu Jul 11 21:03:49 UTC 2024 - Fridrich Strba <fstrba@suse.com>
+
+- Update to 24.2.5.2 (24.2.5 final)
+  https://wiki.documentfoundation.org/Releases/24.2.5/RC1 and
+  https://wiki.documentfoundation.org/Releases/24.2.5/RC2
+- Added patch:
+  * pdfium-optional.patch
+    + fix build of pdfium with system abseil-cpp
+
+-------------------------------------------------------------------
+Wed Jul 10 17:49:13 UTC 2024 - Martin Schreiner <martin.schreiner@suse.com>
+
+- Remove recommendation on libreoffice-qt5 to keep the same behaviour
+  as we do for libreoffice-qt6, which is not recommending it by
+  default (bsc#1227145).
+- Add patch for CVE-2024-5261 (bsc#1226975):
+  * cve-2024-5261.patch
+- This patch won't be needed when LibreOffice 24.8 is released, as
+  it's been merged upstream.
+
 -------------------------------------------------------------------
 Tue Jul  2 19:16:57 UTC 2024 - Martin Schreiner <martin.schreiner@suse.com>
 

libreoffice.spec

@@ -78,7 +78,7 @@
 %global with_gcc 12
 %endif
 Name:           libreoffice
-Version:        24.2.4.2
+Version:        24.2.5.2
 Release:        0
 Summary:        A Free Office Suite (Framework)
 License:        LGPL-3.0-or-later AND MPL-2.0+
@@ -131,6 +131,7 @@ Patch1:         scp2-user-config-suse.diff
 # FIXME: the right fix is to compile the help and produce the .db_, .ht_, and other files
 Patch2:         nlpsolver-no-broken-help.diff
 Patch3:         mediawiki-no-broken-help.diff
+Patch4:         pdfium-optional.patch
 # PATCH-FIX-OPENSUSE boo#1186110 fix GCC 11 error
 Patch6:         gcc11-fix-error.patch
 Patch9:         fix_math_desktop_file.patch
@@ -148,6 +149,8 @@ Patch991:       libreoffice-no-destdircheck.patch
 Patch992:       python34-no-f-strings.patch
 # Fix build with icu 74 (bsc#1224309)
 Patch993:       icu-74-compatibility.patch
+# PATCH-FIX-UPSTREAM CVE-2024-5261 (bsc#1226975)
+Patch994:       cve-2024-5261.patch
 BuildRequires:  %{name}-share-linker
 BuildRequires:  ant
 BuildRequires:  autoconf
@@ -291,9 +294,6 @@ Requires:       libreoffice-l10n-en = %{version}
 Requires:       python3
 Recommends:     dejavu-fonts
 Recommends:     google-carlito-fonts
-%if %{with qt5}
-Recommends:     libreoffice-qt5
-%endif
 Provides:       %{name}-draw-extensions = %{version}
 Obsoletes:      %{name}-draw-extensions < %{version}
 Provides:       %{name}-impress-extensions = %{version}
@@ -1089,6 +1089,7 @@ Provides %{langname} translations and additional resources (help files, etc.) fo
 %endif # Leap 42/SLE-12
 %patch -P 2
 %patch -P 3
+%patch -P 4
 %patch -P 6 -p1
 %patch -P 9 -p1
 %if 0%{?suse_version} < 1500
@@ -1103,6 +1104,7 @@ Provides %{langname} translations and additional resources (help files, etc.) fo
 %patch -P 992 -p1
 %endif
 %patch -P 993 -p1
+%patch -P 994 -p1
 
 # Disable some of the failing tests (some are random)
 %if 0%{?suse_version} < 1330

pdfium-optional.patch

@@ -0,0 +1,29 @@
+--- external/pdfium/annot.patch.1
++++ external/pdfium/annot.patch.1
+@@ -2,6 +2,17 @@ diff --git a/fpdfsdk/fpdf_annot.cpp b/fpdfsdk/fpdf_annot.cpp
+ index bc1f7f7eb..075baf1df 100644
+ --- a/fpdfsdk/fpdf_annot.cpp
+ +++ b/fpdfsdk/fpdf_annot.cpp
++@@ -8,6 +8,10 @@
++ #include <sstream>
++ #include <utility>
++ #include <vector>
+++#ifdef USE_SYSTEM_ABSEIL
+++#include <optional>
+++#include <absl/types/optional.h>
+++#endif
++ 
++ #include "constants/annotation_common.h"
++ #include "core/fpdfapi/edit/cpdf_pagecontentgenerator.h"
+ @@ -1366,6 +1366,42 @@ FPDFAnnot_GetFontSize(FPDF_FORMHANDLE hHandle,
+    return true;
+  }
+@@ -32,7 +40,7 @@ index bc1f7f7eb..075baf1df 100644
+ +  if (!pWidget)
+ +    return false;
+ +
+-+  std::optional<FX_COLORREF> text_color = pWidget->GetTextColor();
+++  absl::optional<FX_COLORREF> text_color = pWidget->GetTextColor();
+ +  if (!text_color)
+ +    return false;
+ +