ELSA-2017-0914

Опубликовано: 12 апр. 2017

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2017-0914: libreoffice security and bug fix update (MODERATE)

[1:5.0.6.2-5.0.1.1]

Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile
Build with --with-vendor='Oracle America, Inc.'

[1:5.0.6.2-5.1]

Resolves: rhbz#1435534 CVE-2017-3157 Arbitrary file disclosure in Calc and Writer

[1:5.0.6.2-5]

Resolves: rhbz#1426348 Encrypted files opening as plain text after cancelling password dialog

[1:5.0.6.2-4]

Resolves: rhbz#1425535 crash in calc on exit after using csv dialog with a11y enabled
Resolves: rhbz#1425536 crash in calc on closing dialog with a11y enabled

[1:5.0.6.2-3]

Resolves: rhbz#1364335 tooltips are truncated

[1:5.0.6.2-2]

Resolves: rhbz#1353839 CVE-2016-4324 dereference of invalid STL iterator on processing RTF file

[1:5.0.6.2-1]

Related: rhbz#1290148 rebase to 5.0.6
Related: rhbz#1290148 include more fixes from F-23

[1:5.0.5.2-2]

Related: rhbz#1290148 remove unintentional dependency of libreoffice-core on libreoffice-calc
Related: rhbz#1290148 restore lost changelog entry
Related: rhbz#1290148 add additional 5.0.6 patches

[1:5.0.5.2-1]

Resolves: rhbz#1290148 rebase to 5.0.x

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

autocorr-af

5.0.6.2-5.0.1.el7_3.1

autocorr-bg

5.0.6.2-5.0.1.el7_3.1

autocorr-ca

5.0.6.2-5.0.1.el7_3.1

autocorr-cs

5.0.6.2-5.0.1.el7_3.1

autocorr-da

5.0.6.2-5.0.1.el7_3.1

autocorr-de

5.0.6.2-5.0.1.el7_3.1

autocorr-en

5.0.6.2-5.0.1.el7_3.1

autocorr-es

5.0.6.2-5.0.1.el7_3.1

autocorr-fa

5.0.6.2-5.0.1.el7_3.1

autocorr-fi

5.0.6.2-5.0.1.el7_3.1

autocorr-fr

5.0.6.2-5.0.1.el7_3.1

autocorr-ga

5.0.6.2-5.0.1.el7_3.1

autocorr-hr

5.0.6.2-5.0.1.el7_3.1

autocorr-hu

5.0.6.2-5.0.1.el7_3.1

autocorr-is

5.0.6.2-5.0.1.el7_3.1

autocorr-it

5.0.6.2-5.0.1.el7_3.1

autocorr-ja

5.0.6.2-5.0.1.el7_3.1

autocorr-ko

5.0.6.2-5.0.1.el7_3.1

autocorr-lb

5.0.6.2-5.0.1.el7_3.1

autocorr-lt

5.0.6.2-5.0.1.el7_3.1

autocorr-mn

5.0.6.2-5.0.1.el7_3.1

autocorr-nl

5.0.6.2-5.0.1.el7_3.1

autocorr-pl

5.0.6.2-5.0.1.el7_3.1

autocorr-pt

5.0.6.2-5.0.1.el7_3.1

autocorr-ro

5.0.6.2-5.0.1.el7_3.1

autocorr-ru

5.0.6.2-5.0.1.el7_3.1

autocorr-sk

5.0.6.2-5.0.1.el7_3.1

autocorr-sl

5.0.6.2-5.0.1.el7_3.1

autocorr-sr

5.0.6.2-5.0.1.el7_3.1

autocorr-sv

5.0.6.2-5.0.1.el7_3.1

autocorr-tr

5.0.6.2-5.0.1.el7_3.1

autocorr-vi

5.0.6.2-5.0.1.el7_3.1

autocorr-zh

5.0.6.2-5.0.1.el7_3.1

libreoffice

5.0.6.2-5.0.1.el7_3.1

libreoffice-base

5.0.6.2-5.0.1.el7_3.1

libreoffice-bsh

5.0.6.2-5.0.1.el7_3.1

libreoffice-calc

5.0.6.2-5.0.1.el7_3.1

libreoffice-core

5.0.6.2-5.0.1.el7_3.1

libreoffice-draw

5.0.6.2-5.0.1.el7_3.1

libreoffice-emailmerge

5.0.6.2-5.0.1.el7_3.1

libreoffice-filters

5.0.6.2-5.0.1.el7_3.1

libreoffice-gdb-debug-support

5.0.6.2-5.0.1.el7_3.1

libreoffice-glade

5.0.6.2-5.0.1.el7_3.1

libreoffice-graphicfilter

5.0.6.2-5.0.1.el7_3.1

libreoffice-impress

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-af

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ar

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-as

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-bg

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-bn

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-br

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ca

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-cs

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-cy

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-da

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-de

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-dz

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-el

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-en

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-es

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-et

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-eu

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-fa

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-fi

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-fr

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ga

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-gl

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-gu

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-he

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-hi

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-hr

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-hu

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-it

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ja

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-kk

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-kn

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ko

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-lt

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-lv

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-mai

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ml

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-mr

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-nb

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-nl

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-nn

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-nr

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-nso

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-or

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-pa

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-pl

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-pt-BR

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-pt-PT

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ro

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ru

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-si

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-sk

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-sl

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-sr

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ss

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-st

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-sv

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ta

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-te

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-th

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-tn

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-tr

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ts

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-uk

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-ve

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-xh

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-zh-Hans

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-zh-Hant

5.0.6.2-5.0.1.el7_3.1

libreoffice-langpack-zu

5.0.6.2-5.0.1.el7_3.1

libreoffice-librelogo

5.0.6.2-5.0.1.el7_3.1

libreoffice-math

5.0.6.2-5.0.1.el7_3.1

libreoffice-nlpsolver

5.0.6.2-5.0.1.el7_3.1

libreoffice-officebean

5.0.6.2-5.0.1.el7_3.1

libreoffice-ogltrans

5.0.6.2-5.0.1.el7_3.1

libreoffice-opensymbol-fonts

5.0.6.2-5.0.1.el7_3.1

libreoffice-pdfimport

5.0.6.2-5.0.1.el7_3.1

libreoffice-postgresql

5.0.6.2-5.0.1.el7_3.1

libreoffice-pyuno

5.0.6.2-5.0.1.el7_3.1

libreoffice-rhino

5.0.6.2-5.0.1.el7_3.1

libreoffice-sdk

5.0.6.2-5.0.1.el7_3.1

libreoffice-sdk-doc

5.0.6.2-5.0.1.el7_3.1

libreoffice-ure

5.0.6.2-5.0.1.el7_3.1

libreoffice-wiki-publisher

5.0.6.2-5.0.1.el7_3.1

libreoffice-writer

5.0.6.2-5.0.1.el7_3.1

libreoffice-xsltfilter

5.0.6.2-5.0.1.el7_3.1

Связанные CVE

CVE-2017-3157

Ссылки на источники

Связанные уязвимости

CVE-2017-3157

CVSS3: 5.5

ubuntu

почти 8 лет назад

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back.