:: [DNG] DSA (Beowulf) Patch missing
Top Page
Delete this message
Reply to this message
Author: fraser kendall
To: dng@lists.dyne.org
Subject: [DNG] DSA (Beowulf) Patch missing
Debian Security Advisory DSA-4519-1
Moritz Muehlenhoff September 08, 2019

Package        : libreoffice
CVE ID         : CVE-2019-9854

It was discovered that the code fixes for LibreOffice to address
CVE-2019-9852 were not complete. Additional information can be found at

For the oldstable distribution (stretch), this problem has been fixed
in version 1:5.2.7-1+deb9u11.

For the stable distribution (buster), this problem has been fixed in
version 1:6.1.5-3+deb10u4.

# apt-get update && apt-cache policy libreoffice
Hit:1 http://pkgmaster.devuan.org/merged ascii InRelease
Hit:3 http://pkgmaster.devuan.org/merged beowulf
InRelease Hit:4 http://pkgmaster.devuan.org/merged ascii-updates
InRelease Hit:5 http://pkgmaster.devuan.org/merged beowulf-updates
InRelease Hit:6 http://pkgmaster.devuan.org/merged ascii-security
InRelease Hit:7 http://pkgmaster.devuan.org/merged beowulf-security
InRelease Hit:2 http://packages.roundr.devuan.org/devuan experimental
InRelease Hit:8 http://pkgmaster.devuan.org/merged
InRelease Hit:9 http://pkgmaster.devuan.org/merged    
Reading package lists... Done
    libreoffice: Installed: 1:6.1.5-3+deb10u3 Candidate:
    1:6.1.5-3+deb10u3 Version table:
 *** 1:6.1.5-3+deb10u3 500
500 http://pkgmaster.devuan.org/merged beowulf/main amd64 Packages 
500 http://pkgmaster.devuan.org/merged beowulf-security/main amd64
100 /var/lib/dpkg/status
1:5.2.7-1+deb9u11 500 
500 http://pkgmaster.devuan.org/merged ascii-security/main amd64
Packages 1:5.2.7-1+deb9u10 500 
500 http://pkgmaster.devuan.org/merged ascii/main amd64 Packages

When you reach the end of your rope...
Tie a knot and hang on!