Fix CVE-2024-6472 remove ability to trust not validated macro signatures in high security
Resolves: RHEL-52948
This commit is contained in:
parent
95b2641468
commit
cdf4c73ea2
@ -0,0 +1,79 @@
|
|||||||
|
From 1dec4285bd4c59c23a6a9a56cee9a66ebe0ba6c3 Mon Sep 17 00:00:00 2001
|
||||||
|
Message-ID: <1dec4285bd4c59c23a6a9a56cee9a66ebe0ba6c3.1723721182.git.erack@redhat.com>
|
||||||
|
From: Sarper Akdemir <sarper.akdemir@allotropia.de>
|
||||||
|
Date: Tue, 11 Jun 2024 12:39:36 +0200
|
||||||
|
Subject: [PATCH] remove ability to trust not validated macro signatures in
|
||||||
|
high security
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: multipart/mixed; boundary="------------erAck-patch-parts"
|
||||||
|
|
||||||
|
This is a multi-part message in MIME format.
|
||||||
|
--------------erAck-patch-parts
|
||||||
|
Content-Type: text/plain; charset=UTF-8; format=fixed
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
|
||||||
|
Giving the user the option to determine if they should trust an
|
||||||
|
invalid signature in HIGH macro security doesn't make sense.
|
||||||
|
CommonName of the signature is the most prominent feature presented
|
||||||
|
and the CommonName of a certificate can be easily forged for an
|
||||||
|
invalid signature, tricking the user into accepting an invalid
|
||||||
|
signature.
|
||||||
|
|
||||||
|
in the HIGH macro security setting only show the pop-up to
|
||||||
|
enable/disable signed macro if the certificate signature can be
|
||||||
|
validated.
|
||||||
|
|
||||||
|
cherry-picked without UI/String altering bits for 24-2
|
||||||
|
|
||||||
|
Change-Id: Ia766fb701660160ee5dc9f6e077f4012a44ce721
|
||||||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168667
|
||||||
|
Tested-by: Jenkins
|
||||||
|
Reviewed-by: Sarper Akdemir <sarper.akdemir@allotropia.de>
|
||||||
|
(cherry picked from commit 2beaa3be3829303e948d401f492dbfd239d60aad)
|
||||||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/169525
|
||||||
|
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
||||||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171306
|
||||||
|
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
|
||||||
|
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
|
||||||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171314
|
||||||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171315
|
||||||
|
---
|
||||||
|
sfx2/source/doc/docmacromode.cxx | 8 ++++++--
|
||||||
|
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
|
||||||
|
--------------erAck-patch-parts
|
||||||
|
Content-Type: text/x-patch; name="0001-remove-ability-to-trust-not-validated-macro-signatur.patch"
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
Content-Disposition: attachment; filename="0001-remove-ability-to-trust-not-validated-macro-signatur.patch"
|
||||||
|
|
||||||
|
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
|
||||||
|
index 919033cbaf5d..33d546f2920a 100644
|
||||||
|
--- a/sfx2/source/doc/docmacromode.cxx
|
||||||
|
+++ b/sfx2/source/doc/docmacromode.cxx
|
||||||
|
@@ -228,14 +228,18 @@ namespace sfx2
|
||||||
|
// check whether the document is signed with trusted certificate
|
||||||
|
if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
|
||||||
|
{
|
||||||
|
+ SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
|
||||||
|
+
|
||||||
|
// the trusted macro check will also retrieve the signature state ( small optimization )
|
||||||
|
const SvtSecurityOptions aSecOption;
|
||||||
|
const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
|
||||||
|
&& (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE
|
||||||
|
- || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors));
|
||||||
|
+ || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors))
|
||||||
|
+ && (nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_WARN
|
||||||
|
+ || nSignatureState == SignatureState::OK);
|
||||||
|
+
|
||||||
|
const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor);
|
||||||
|
|
||||||
|
- SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
|
||||||
|
if ( nSignatureState == SignatureState::BROKEN )
|
||||||
|
{
|
||||||
|
if (!bAllowUIToAddAuthor)
|
||||||
|
|
||||||
|
--------------erAck-patch-parts--
|
||||||
|
|
||||||
|
|
@ -57,7 +57,7 @@ Summary: Free Software Productivity Suite
|
|||||||
Name: libreoffice
|
Name: libreoffice
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: %{libo_version}.1
|
Version: %{libo_version}.1
|
||||||
Release: 13%{?libo_prerelease}%{?dist}
|
Release: 14%{?libo_prerelease}%{?dist}
|
||||||
License: (MPLv1.1 or LGPLv3+) and LGPLv3 and LGPLv2+ and BSD and (MPLv1.1 or GPLv2 or LGPLv2 or Netscape) and Public Domain and ASL 2.0 and MPLv2.0 and CC0
|
License: (MPLv1.1 or LGPLv3+) and LGPLv3 and LGPLv2+ and BSD and (MPLv1.1 or GPLv2 or LGPLv2 or Netscape) and Public Domain and ASL 2.0 and MPLv2.0 and CC0
|
||||||
URL: http://www.libreoffice.org/
|
URL: http://www.libreoffice.org/
|
||||||
|
|
||||||
@ -297,6 +297,7 @@ Patch41: 0004-CVE-2023-6186-reuse-AllowedLinkProtocolFromDocument-in-writer.patc
|
|||||||
Patch42: 0005-CVE-2023-6186-reuse-AllowedLinkProtocolFromDocument-in-impress-dra.patch
|
Patch42: 0005-CVE-2023-6186-reuse-AllowedLinkProtocolFromDocument-in-impress-dra.patch
|
||||||
Patch43: 0006-CVE-2023-6186-backporting.patch
|
Patch43: 0006-CVE-2023-6186-backporting.patch
|
||||||
Patch44: 0001-CVE-2024-3044-add-notify-for-script-use.patch
|
Patch44: 0001-CVE-2024-3044-add-notify-for-script-use.patch
|
||||||
|
Patch45: 0001-CVE-2024-6472-remove-ability-to-trust-not-validated-macro-signatur.patch
|
||||||
|
|
||||||
# not upstreamed
|
# not upstreamed
|
||||||
Patch500: 0001-disable-libe-book-support.patch
|
Patch500: 0001-disable-libe-book-support.patch
|
||||||
@ -2300,6 +2301,10 @@ gtk-update-icon-cache -q %{_datadir}/icons/hicolor &>/dev/null || :
|
|||||||
%{_includedir}/LibreOfficeKit
|
%{_includedir}/LibreOfficeKit
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Aug 15 2024 Eike Rathke <erack@redhat.com> - 1:7.1.8.1-14
|
||||||
|
- Fix CVE-2024-6472 remove ability to trust not validated macro signatures in
|
||||||
|
high security
|
||||||
|
|
||||||
* Fri Jun 07 2024 Eike Rathke <erack@redhat.com> - 1:7.1.8.1-13
|
* Fri Jun 07 2024 Eike Rathke <erack@redhat.com> - 1:7.1.8.1-13
|
||||||
- Fix CVE-2024-3044 add notify for script use
|
- Fix CVE-2024-3044 add notify for script use
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user