On August 28, The Document Foundation announced LibreOffice 4.3.1, the first minor release of LibreOffice 4.3 “fresh” family, with over 100 fixes (including patches for two CVEs). The CVEs that were patched in LibreOffice 4.3.1 (and also in LibreOffice 4.2.6) are CVE-2014-3524 “CSV Command Injection and DDE formulas” and CVE-2014-3575 “Arbitrary File Disclosure using crafted OLE objects“.
If you want to be reminded of the new features in LibreOffice 4.3 then I advise you to read the Release Notes. My previous post on LO 4.3.0 mentions some of these improvements as well.
Note that when I upgraded the LibreOffice packages in my Slackware 14.1/current repository from 4.2.5 to 4.3.0 last month, the result was that there is no 4.2 version to be found anymore in the repository (I offer LibreOffice 4.1.6 in the Slackware 14.0 repository). I added a build script for LibreOffice 4.2.6 in the sources directory, in case you want to try building 4.2.6 yourself. The two aforementioned CVE’s have been applied to the latest source tarballs of LibreOffice 4.2.6, versioned “22.214.171.124”.
With regard to MS Office compatibility, I have another remark. In the 4.2 releases I added copies of two open source TrueType fonts which are metric-compatible with two popular Microsoft fonts. Having these fonts available to LibreOffice means that the layout of MS Office documents when you open them in LibreOffice will be unaltered because the replacement fonts (Carlito for MS Calibri and Caladea for MS Cambria) have the same font metrics as the Microsoft ones. When updating the libreoffice.SlackBuild script I decided that I would rather have these two fonts available to the whole system, not just to LibreOffice. Therefore I created two separate packages for these fonts, and if you do not yet have the (non-free) Microsoft web core fonts installed I advise you strongly to install the open source Carlito and Caladea font packages.
LibreOffice 4.3.1 packages for Slackware 14.1 and -current are ready for download from the usual mirror locations:
- http://www.slackware.com/~alien/slackbuilds/libreoffice/ (master site)
- http://taper.alienbase.nl/mirrors/people/alien/slackbuilds/libreoffice/ (my own US mirror)
- http://repo.ukdw.ac.id/alien-libreoffice/ (Indonesia)
- http://alien.slackbook.org/slackbuilds/libreoffice/ (US)
- http://slackware.org.uk/people/alien/slackbuilds/libreoffice/ (UK)
A note about KDE integration:
If you are on KDE and simply “upgradepkg” the libreoffice packages, your application may suddenly look very out of style, having switched to a GTK look & feel. All you need to do is “installpkg” the new libreoffice-kde-integration package (I split the KDE support out of the big LO package and into its own separate package for LO 4.2.3, so it’s possible that you already have it). One thing is worth noting, despite the fact that this is called “KDE integration”: due to bugs in Qt4 which have not been patched in Slackware’s version of the Qt4 package, the KDE file picker has been disabled in this package. Here is the relevant piece of build output:
*WARNING: native KDE4 file pickers will be disabled at runtime, Qt4 fixes needed
*WARNING: https://bugreports.qt-project.org/browse/QTBUG-37380 (needed)
*WARNING: https://bugreports.qt-project.org/browse/QTBUG-34614 (needed)
*WARNING: https://bugreports.qt-project.org/browse/QTBUG-38585 (recommended)
If you have a lot of spare time available, you can hunt down those three Qt4 patches, apply them to the Slackware package source and then recompile the qt4 and libreoffice packages…
Pingback: Links 31/8/2014: Linux 3.12.27, Akademy 2014 | Techrights
Hi Eric! Thank you for these packages. They work great so far.
Pingback: Alien Pastures » LibreOffice, Chromium news