Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1019573: libreoffice-calc: Fake warning : The master password is stored in an outdated format, you should refresh it.
101 views
Skip to first unread message
rpnpif
Sep 12, 2022, 6:20:03 AM9/12/22
to
Package: libreoffice-calc
Version: 1:7.0.4-4+deb11u3
Severity: normal
Dear Maintainer,
Opening a calc file show this warning message: "The master password is stored in an outdated format, you should refresh it".
But I have not apply a password in Libreoffice or on this file. So this message is inappropriate.
It could make confusion for lot of users.
Regards.
-- Package-specific info:
-- System Information:
Debian Release: 11.5
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-18-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libreoffice-writer depends on:
ii libabw-0.1-1 0.1.3-1
ii libc6 2.31-13+deb11u4
ii libe-book-0.1-1 0.1.3-2
ii libepubgen-0.1-1 0.1.1-1
ii libetonyek-0.1-1 0.1.9-4
ii libgcc-s1 10.2.1-6
ii libicu67 67.1-7
ii libmwaw-0.3-3 0.3.17-1
ii libodfgen-0.1-1 0.1.8-2
ii libreoffice-base-core 1:7.0.4-4+deb11u3
ii libreoffice-common 1:7.0.4-4+deb11u3
ii libreoffice-core 1:7.0.4-4+deb11u3
ii librevenge-0.0-0 0.0.4-6+b1
ii libstaroffice-0.0-0 0.0.7-1
ii libstdc++6 10.2.1-6
ii libuno-cppu3 1:7.0.4-4+deb11u3
ii libuno-cppuhelpergcc3-3 1:7.0.4-4+deb11u3
ii libuno-sal3 1:7.0.4-4+deb11u3
ii libuno-salhelpergcc3-3 1:7.0.4-4+deb11u3
ii libwpd-0.10-10 0.10.3-1
ii libwpg-0.3-3 0.3.3-1
ii libwps-0.4-4 0.4.12-1
ii libxml2 2.9.10+dfsg-6.7+deb11u2
ii ucf 3.0043
ii uno-libs-private 1:7.0.4-4+deb11u3
ii zlib1g 1:1.2.11.dfsg-2+deb11u2
Versions of packages libreoffice-writer recommends:
ii libreoffice-math 1:7.0.4-4+deb11u3
Versions of packages libreoffice-writer suggests:
ii default-jre [java8-runtime] 2:1.11-72
ii fonts-crosextra-caladea 20130214-2.1
ii fonts-crosextra-carlito 20130920-1.1
ii libreoffice-base 1:7.0.4-4+deb11u3
ii libreoffice-java-common 1:7.0.4-4+deb11u3
ii openjdk-11-jre [java8-runtime] 11.0.16+8-1~deb11u1
Versions of packages libreoffice-core depends on:
ii fontconfig 2.13.1-4.2
ii fonts-opensymbol 2:102.11+LibO7.0.4-4+deb11u3
ii libboost-locale1.74.0 1.74.0-9
ii libc6 2.31-13+deb11u4
ii libcairo2 1.16.0-5
ii libclucene-contribs1v5 2.3.3.4+dfsg-1+b1
ii libclucene-core1v5 2.3.3.4+dfsg-1+b1
ii libcmis-0.5-5v5 0.5.2-3
ii libcups2 2.3.3op2-3+deb11u2
ii libcurl3-gnutls 7.74.0-1.3+deb11u3
ii libdbus-1-3 1.12.20-2
ii libdconf1 0.38.0-2
ii libeot0 0.01-5+b1
ii libepoxy0 1.5.5-1
ii libexpat1 2.2.10-2+deb11u3
ii libexttextcat-2.0-0 3.4.5-1
ii libfontconfig1 2.13.1-4.2
ii libfreetype6 2.10.4+dfsg-1+deb11u1
ii libgcc-s1 10.2.1-6
ii libglib2.0-0 2.66.8-1
ii libgpgmepp6 1.14.0-1+b2
ii libgraphite2-3 1.3.14-1
ii libgstreamer-plugins-base1.0-0 1.18.4-2
ii libgstreamer1.0-0 1.18.4-2.1
ii libharfbuzz-icu0 2.7.4-1
ii libharfbuzz0b 2.7.4-1
ii libhunspell-1.7-0 1.7.0-3
ii libhyphen0 2.8.8-7
ii libice6 2:1.0.10-1
ii libicu67 67.1-7
ii libjpeg62-turbo 1:2.0.6-4
ii liblcms2-2 2.12~rc1-2
ii libldap-2.4-2 2.4.57+dfsg-3+deb11u1
ii libmythes-1.2-0 2:1.2.4-3+b1
ii libneon27-gnutls 0.31.2-1
ii libnspr4 2:4.29-1
ii libnss3 2:3.61-1+deb11u2
ii libnumbertext-1.0-0 1.0.7-1
ii liborcus-0.16-0 0.16.1-3+b2
ii liborcus-parser-0.16-0 0.16.1-3+b2
ii libpng16-16 1.6.37-3
ii libpoppler102 20.09.0-3.1+deb11u1
ii libqrcodegencpp1 1.6.0-1
ii libraptor2-0 2.0.14-1.2
ii librdf0 1.0.17-1.1+b1
ii libreoffice-common 1:7.0.4-4+deb11u3
ii librevenge-0.0-0 0.0.4-6+b1
ii libsm6 2:1.2.3-1
ii libstdc++6 10.2.1-6
ii libuno-cppu3 1:7.0.4-4+deb11u3
ii libuno-cppuhelpergcc3-3 1:7.0.4-4+deb11u3
ii libuno-sal3 1:7.0.4-4+deb11u3
ii libuno-salhelpergcc3-3 1:7.0.4-4+deb11u3
ii libx11-6 2:1.7.2-1
ii libx11-xcb1 2:1.7.2-1
ii libxext6 2:1.3.3-1.1
ii libxinerama1 2:1.1.4-2
ii libxml2 2.9.10+dfsg-6.7+deb11u2
ii libxmlsec1 1.2.31-1
ii libxmlsec1-nss 1.2.31-1
ii libxrandr2 2:1.5.1-1
ii libxrender1 1:0.9.10-1
ii libxslt1.1 1.1.34-4+deb11u1
ii uno-libs-private 1:7.0.4-4+deb11u3
ii ure 1:7.0.4-4+deb11u3
ii zlib1g 1:1.2.11.dfsg-2+deb11u2
Versions of packages libreoffice-core recommends:
ii gstreamer1.0-libav 1.18.4-3
ii gstreamer1.0-plugins-bad 1.18.4-3
ii gstreamer1.0-plugins-base 1.18.4-2
ii gstreamer1.0-plugins-good 1.18.4-2+deb11u1
ii gstreamer1.0-plugins-ugly 1.18.4-2
ii libpaper-utils 1.1.28+b1
-- no debconf information
Version: 1:7.0.4-4+deb11u3
Severity: normal
Dear Maintainer,
Opening a calc file show this warning message: "The master password is stored in an outdated format, you should refresh it".
But I have not apply a password in Libreoffice or on this file. So this message is inappropriate.
It could make confusion for lot of users.
Regards.
-- Package-specific info:
-- System Information:
Debian Release: 11.5
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-18-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libreoffice-writer depends on:
ii libabw-0.1-1 0.1.3-1
ii libc6 2.31-13+deb11u4
ii libe-book-0.1-1 0.1.3-2
ii libepubgen-0.1-1 0.1.1-1
ii libetonyek-0.1-1 0.1.9-4
ii libgcc-s1 10.2.1-6
ii libicu67 67.1-7
ii libmwaw-0.3-3 0.3.17-1
ii libodfgen-0.1-1 0.1.8-2
ii libreoffice-base-core 1:7.0.4-4+deb11u3
ii libreoffice-common 1:7.0.4-4+deb11u3
ii libreoffice-core 1:7.0.4-4+deb11u3
ii librevenge-0.0-0 0.0.4-6+b1
ii libstaroffice-0.0-0 0.0.7-1
ii libstdc++6 10.2.1-6
ii libuno-cppu3 1:7.0.4-4+deb11u3
ii libuno-cppuhelpergcc3-3 1:7.0.4-4+deb11u3
ii libuno-sal3 1:7.0.4-4+deb11u3
ii libuno-salhelpergcc3-3 1:7.0.4-4+deb11u3
ii libwpd-0.10-10 0.10.3-1
ii libwpg-0.3-3 0.3.3-1
ii libwps-0.4-4 0.4.12-1
ii libxml2 2.9.10+dfsg-6.7+deb11u2
ii ucf 3.0043
ii uno-libs-private 1:7.0.4-4+deb11u3
ii zlib1g 1:1.2.11.dfsg-2+deb11u2
Versions of packages libreoffice-writer recommends:
ii libreoffice-math 1:7.0.4-4+deb11u3
Versions of packages libreoffice-writer suggests:
ii default-jre [java8-runtime] 2:1.11-72
ii fonts-crosextra-caladea 20130214-2.1
ii fonts-crosextra-carlito 20130920-1.1
ii libreoffice-base 1:7.0.4-4+deb11u3
ii libreoffice-java-common 1:7.0.4-4+deb11u3
ii openjdk-11-jre [java8-runtime] 11.0.16+8-1~deb11u1
Versions of packages libreoffice-core depends on:
ii fontconfig 2.13.1-4.2
ii fonts-opensymbol 2:102.11+LibO7.0.4-4+deb11u3
ii libboost-locale1.74.0 1.74.0-9
ii libc6 2.31-13+deb11u4
ii libcairo2 1.16.0-5
ii libclucene-contribs1v5 2.3.3.4+dfsg-1+b1
ii libclucene-core1v5 2.3.3.4+dfsg-1+b1
ii libcmis-0.5-5v5 0.5.2-3
ii libcups2 2.3.3op2-3+deb11u2
ii libcurl3-gnutls 7.74.0-1.3+deb11u3
ii libdbus-1-3 1.12.20-2
ii libdconf1 0.38.0-2
ii libeot0 0.01-5+b1
ii libepoxy0 1.5.5-1
ii libexpat1 2.2.10-2+deb11u3
ii libexttextcat-2.0-0 3.4.5-1
ii libfontconfig1 2.13.1-4.2
ii libfreetype6 2.10.4+dfsg-1+deb11u1
ii libgcc-s1 10.2.1-6
ii libglib2.0-0 2.66.8-1
ii libgpgmepp6 1.14.0-1+b2
ii libgraphite2-3 1.3.14-1
ii libgstreamer-plugins-base1.0-0 1.18.4-2
ii libgstreamer1.0-0 1.18.4-2.1
ii libharfbuzz-icu0 2.7.4-1
ii libharfbuzz0b 2.7.4-1
ii libhunspell-1.7-0 1.7.0-3
ii libhyphen0 2.8.8-7
ii libice6 2:1.0.10-1
ii libicu67 67.1-7
ii libjpeg62-turbo 1:2.0.6-4
ii liblcms2-2 2.12~rc1-2
ii libldap-2.4-2 2.4.57+dfsg-3+deb11u1
ii libmythes-1.2-0 2:1.2.4-3+b1
ii libneon27-gnutls 0.31.2-1
ii libnspr4 2:4.29-1
ii libnss3 2:3.61-1+deb11u2
ii libnumbertext-1.0-0 1.0.7-1
ii liborcus-0.16-0 0.16.1-3+b2
ii liborcus-parser-0.16-0 0.16.1-3+b2
ii libpng16-16 1.6.37-3
ii libpoppler102 20.09.0-3.1+deb11u1
ii libqrcodegencpp1 1.6.0-1
ii libraptor2-0 2.0.14-1.2
ii librdf0 1.0.17-1.1+b1
ii libreoffice-common 1:7.0.4-4+deb11u3
ii librevenge-0.0-0 0.0.4-6+b1
ii libsm6 2:1.2.3-1
ii libstdc++6 10.2.1-6
ii libuno-cppu3 1:7.0.4-4+deb11u3
ii libuno-cppuhelpergcc3-3 1:7.0.4-4+deb11u3
ii libuno-sal3 1:7.0.4-4+deb11u3
ii libuno-salhelpergcc3-3 1:7.0.4-4+deb11u3
ii libx11-6 2:1.7.2-1
ii libx11-xcb1 2:1.7.2-1
ii libxext6 2:1.3.3-1.1
ii libxinerama1 2:1.1.4-2
ii libxml2 2.9.10+dfsg-6.7+deb11u2
ii libxmlsec1 1.2.31-1
ii libxmlsec1-nss 1.2.31-1
ii libxrandr2 2:1.5.1-1
ii libxrender1 1:0.9.10-1
ii libxslt1.1 1.1.34-4+deb11u1
ii uno-libs-private 1:7.0.4-4+deb11u3
ii ure 1:7.0.4-4+deb11u3
ii zlib1g 1:1.2.11.dfsg-2+deb11u2
Versions of packages libreoffice-core recommends:
ii gstreamer1.0-libav 1.18.4-3
ii gstreamer1.0-plugins-bad 1.18.4-3
ii gstreamer1.0-plugins-base 1.18.4-2
ii gstreamer1.0-plugins-good 1.18.4-2+deb11u1
ii gstreamer1.0-plugins-ugly 1.18.4-2
ii libpaper-utils 1.1.28+b1
-- no debconf information
Rene Engelhard
Sep 12, 2022, 7:20:03 AM9/12/22
to
tag 1019573 + moreinfo
tag 1019573 + wontfix
thanks
Hi,
Am 12. September 2022 12:04:05 MESZ schrieb rpnpif <rpn...@trob.eu>:
>Opening a calc file show this warning message: "The master password is stored in an outdated format, you should refresh it".
https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306/
Which was added in deb11u2
>But I have not apply a password in Libreoffice or on this file. So this message is inappropriate.
>It could make confusion for lot of users.
Did you really not add a password for some other data/web connections?
In that case it is not a fake warning.
Regards
René
--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
Rene Engelhard
Sep 12, 2022, 7:30:04 AM9/12/22
to
tag - moreinfo
reassign 1019573 libreoffice-core
retitle 1019573 warning : The master password is stored in an outdated format, you should refresh it.
found 1019573 1:7.0.4-4+deb11u2
found 1019573 1:7.3.3~rc1-1
severity 1019573 minor
thanks
Hi again,
Am 12. September 2022 13:03:45 MESZ schrieb Rene Engelhard <re...@debian.org>:
>Did you really not add a password for some other data/web connections?
>In that case it is not a fake warning.
Rene Engelhard
Sep 12, 2022, 11:40:03 AM9/12/22
to
Hi,
Am 12.09.22 um 16:53 schrieb Rpnpif:
> Now, I understand the objective. What is confusing is that this
> message is untranslated
Well, I didn't collect (all) the translations, and didn't try to get the
7.3.x/7.4x translations then into 7.0.4, indeed.
I think a security fix shouldn't wait for this anyways.
> and troubling for the neophyte. That is all.
> I don't remember registering a password.
>
It might be that it's show in all cases, didn't check.
To he honest I just took the upstream patch 1:1 (except some massaging
to get it to build in 7.0.4) without even thinking about that :)
Regards,
Rene
Am 12.09.22 um 16:53 schrieb Rpnpif:
> Now, I understand the objective. What is confusing is that this
> message is untranslated
Well, I didn't collect (all) the translations, and didn't try to get the
7.3.x/7.4x translations then into 7.0.4, indeed.
I think a security fix shouldn't wait for this anyways.
> and troubling for the neophyte. That is all.
> I don't remember registering a password.
>
It might be that it's show in all cases, didn't check.
To he honest I just took the upstream patch 1:1 (except some massaging
to get it to build in 7.0.4) without even thinking about that :)
Regards,
Rene
Rpnpif
Sep 12, 2022, 11:40:03 AM9/12/22
to
Le 12/09/2022 à 13:17, Rene Engelhard a écrit :
>
>
> tag - moreinfo
> reassign 1019573 libreoffice-core
> retitle 1019573 warning : The master password is stored in an outdated format, you should refresh it.
> found 1019573 1:7.0.4-4+deb11u2
> found 1019573 1:7.3.3~rc1-1
> severity 1019573 minor
> thanks
>
> Hi again,
>
> Am 12. September 2022 13:03:45 MESZ schrieb Rene Engelhard <re...@debian.org>:
>> Did you really not add a password for some other data/web connections?
>> In that case it is not a fake warning.
>
> And I so thing better warn than being sorry. This is an official security-related fix and won't be changed by me.
>
Ok, Thanks, René, for your answer.
>
>
> tag - moreinfo
> reassign 1019573 libreoffice-core
> retitle 1019573 warning : The master password is stored in an outdated format, you should refresh it.
> found 1019573 1:7.0.4-4+deb11u2
> found 1019573 1:7.3.3~rc1-1
> severity 1019573 minor
> thanks
>
> Hi again,
>
> Am 12. September 2022 13:03:45 MESZ schrieb Rene Engelhard <re...@debian.org>:
>> Did you really not add a password for some other data/web connections?
>> In that case it is not a fake warning.
>
> And I so thing better warn than being sorry. This is an official security-related fix and won't be changed by me.
>
Now, I understand the objective. What is confusing is that this message
I don't remember registering a password.
This message does not appear after the first running of this new fixing.
So thanks to close this report.
Sorry for the inconvenience.
Regards;
--
Rpnpif
0 new messages