-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 25 May 2026 13:04:01 +0200
Source: libreoffice
Architecture: source
Version: 4:7.4.7-1+deb12u13
Distribution: bookworm-security
Urgency: medium
Maintainer: Debian LibreOffice Maintainers <debian-openoffice@lists.debian.org>
Changed-By: Rene Engelhard <rene@debian.org>
Changes:
 libreoffice (4:7.4.7-1+deb12u13) bookworm-security; urgency=medium
 .
   * debian/patches/CVE-2026-*.diff: fix
     - CVE-2026-6039 DXF heap-buffer-overflow in DrawLWPolyLineEntity
     - CVE-2026-6045 EMF+ Heap-buffer-overflow in EMFPBrush::Read
     - CVE-2026-8356 ANT-2026-01882: Stack Buffer Overflow in
       `SdrEscherImport::RecolorGraphic()`
     - CVE-2026-8357 ANT-2026-03093: Off-by-one heap-buffer-overflow in
       LibreOffice Calc formula compiler
     - CVE-2026-8358 ANT-2026-03238: Heap-buffer-overflow in LibreOffice
       Calc FODS tracked-changes importer via duplicate action ID
Checksums-Sha1:
 842b7b504b320acc466059e2697c1ff0853e1d4a 32270 libreoffice_7.4.7-1+deb12u13.dsc
 98a70a7a81f6efb34917b8c45d308c3eb2ce74f7 24766980 libreoffice_7.4.7-1+deb12u13.debian.tar.xz
 9c0d16a9a8c0b2253ebc7641213a45fe680dfc8e 36874 libreoffice_7.4.7-1+deb12u13_source.buildinfo
Checksums-Sha256:
 95ff421f8751dae9998791b93c7ece04800b70b390cc3a5850e9cacf3086e3e3 32270 libreoffice_7.4.7-1+deb12u13.dsc
 2882110d7491c7da4263283d0d3a73ec8ef4ab7eaa8053eb87cb299a16fc62ff 24766980 libreoffice_7.4.7-1+deb12u13.debian.tar.xz
 f72aea174ab349e16dc4ab525a3f03c6f0a6a24f2af2bd717b72ac07f748df11 36874 libreoffice_7.4.7-1+deb12u13_source.buildinfo
Files:
 317eace662aeea3207adefb322898fad 32270 editors optional libreoffice_7.4.7-1+deb12u13.dsc
 a3ebdf94516845065a9faf3fa6d758f3 24766980 editors optional libreoffice_7.4.7-1+deb12u13.debian.tar.xz
 c42ba69ad32b9426b17e42b22e51a730 36874 editors optional libreoffice_7.4.7-1+deb12u13_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCgAuFiEE4S3qRnUGcM+pYIAdCqBFcdA+PnAFAmoUrOQQHHJlbmVAZGVi
aWFuLm9yZwAKCRAKoEVx0D4+cJiAD/9+5BywJy94ze6ompA87SLQJGqBfnPr5n/O
I17VgfHZNDrZe0T9TNUEdZ452z+v+fidNLSPIkgRFVp8/BFDaUrXXBG7xwXb0xXz
Nd2xJBBJQE7YSmaS2CHtnOA3fiGgmCEkjtSE2M2o6bV+5nUHhwMGWaFxl+ixHNRJ
VNH4PCr5D4XlvVMRs0/ty/+If0BhCBcYFu8qnIZLkmutPsQuugHRxibomeo3qYiU
uQMVO2TT4ORassqyrCVlyeWzEjubkpjxzX25Nade9ePdn1/2zWlivdqy/3Ot+tQe
XI2LVj05Szmei92NuJaJAQOmXqIMjeoiVphudnVU2aUMq5fXGQGUHj+zgp1sDbqv
/EHqzdDADlkaZjT5XaGNZT5vwhKgmpzeuwhipbtaDaX7Cn0cmKum3+zXZ0cSjF8f
8sfrbTIk+Emu69zY4haV7LKtbNIDQskHzAZ5HgGUd/qpc5guvwllzsNlFBHCXnoY
r0EK3iO27KoDbXktxKA2Q8IsxZl05eeTM4rJjmRmTmeHshXAS6vmSwvS6b+bGYFS
6ktj2fVVNYHLFqbwpNc54anrIlkkBhcPxLx4KOc8K9ijJyAf1zibN6tGH0JYHurX
eDZOz8LAA5IlnSYzpJ2YxpxKFW3yDpBA/aYbQNyx+Z8U9wUbCeZqJDSEI0OCHkaB
7quej6nAvg==
=HmoM
-----END PGP SIGNATURE-----