Описание
Recommended update for LibreOffice
This update brings LibreOffice to version 5.0.2, a major version update.
It brings lots of new features, bugfixes and also security fixes.
Features as seen on http://www.libreoffice.org/discover/new-features/
- LibreOffice 5.0 ships an impressive number of new features for its spreadsheet module, Calc: complex formulae image cropping, new functions, more powerful conditional formatting, table addressing and much more. Calc's blend of performance and features makes it an enterprise-ready, heavy duty spreadsheet application capable of handling all kinds of workload for an impressive range of use cases
- New icons, major improvements to menus and sidebar : no other LibreOffice version has looked that good and helped you be creative and get things done the right way. In addition, style management is now more intuitive thanks to the visualization of styles right in the interface.
- LibreOffice 5 ships with numerous improvements to document import and export filters for MS Office, PDF, RTF, and more. You can now timestamp PDF documents generated with LibreOffice and enjoy enhanced document conversion fidelity all around.
The Pentaho Flow Reporting Engine is now added and used.
Security issues fixed:
- CVE-2014-8146: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 did not properly track directionally isolated pieces of text, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.
- CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 used an integer data type that is inconsistent with a header file, which allowed remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
- CVE-2015-4551: An arbitrary file disclosure vulnerability in Libreoffice and Openoffice Calc and Writer was fixed.
- CVE-2015-1774: The HWP filter in LibreOffice allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggered an out-of-bounds write.
- CVE-2015-5212: A LibreOffice 'PrinterSetup Length' integer underflow vulnerability could be used by attackers supplying documents to execute code as the user opening the document.
- CVE-2015-5213: A LibreOffice 'Piece Table Counter' invalid check design error vulnerability allowed attackers supplying documents to execute code as the user opening the document.
- CVE-2015-5214: Multiple Vendor LibreOffice Bookmark Status Memory Corruption Vulnerability allowed attackers supplying documents to execute code as the user opening the document.
Список пакетов
SUSE Linux Enterprise Desktop 12
apache-commons-logging-1.1.3-7.1
flute-1.3.0-4.2
libabw-0_1-1-0.1.1-5.3
libbase-1.1.3-4.3
libcdr-0_1-1-0.1.1-5.3
libcmis-0_5-5-0.5.0-5.1
libe-book-0_1-1-0.1.2-4.2
libetonyek-0_1-1-0.1.3-3.5
libfonts-1.1.3-4.9
libformula-1.1.3-4.3
libfreehand-0_1-1-0.1.1-4.9
libgltf-0_0-0-0.0.1-2.1
libgraphite2-3-1.3.1-3.1
libgraphite2-3-32bit-1.3.1-3.1
libhyphen0-2.8.8-9.1
libixion-0_10-0-0.9.1-3.1
liblangtag1-0.5.7-3.1
liblayout-0.2.10-4.8
libloader-1.1.3-3.2
libmspub-0_1-1-0.1.2-5.1
libmwaw-0_3-3-0.3.6-3.3
libodfgen-0_1-1-0.1.4-3.9
liborcus-0_8-0-0.7.1-3.1
libpagemaker-0_0-0-0.0.2-2.3
libreoffice-5.0.2.2-13.14
libreoffice-base-5.0.2.2-13.14
libreoffice-base-drivers-mysql-5.0.2.2-13.14
libreoffice-base-drivers-postgresql-5.0.2.2-13.14
libreoffice-calc-5.0.2.2-13.14
libreoffice-calc-extensions-5.0.2.2-13.14
libreoffice-draw-5.0.2.2-13.14
libreoffice-filters-optional-5.0.2.2-13.14
libreoffice-gnome-5.0.2.2-13.14
libreoffice-icon-theme-tango-5.0.2.2-13.14
libreoffice-impress-5.0.2.2-13.14
libreoffice-l10n-af-5.0.2.2-13.14
libreoffice-l10n-ar-5.0.2.2-13.14
libreoffice-l10n-ca-5.0.2.2-13.14
libreoffice-l10n-cs-5.0.2.2-13.14
libreoffice-l10n-da-5.0.2.2-13.14
libreoffice-l10n-de-5.0.2.2-13.14
libreoffice-l10n-en-5.0.2.2-13.14
libreoffice-l10n-es-5.0.2.2-13.14
libreoffice-l10n-fi-5.0.2.2-13.14
libreoffice-l10n-fr-5.0.2.2-13.14
libreoffice-l10n-gu-5.0.2.2-13.14
libreoffice-l10n-hi-5.0.2.2-13.14
libreoffice-l10n-hu-5.0.2.2-13.14
libreoffice-l10n-it-5.0.2.2-13.14
libreoffice-l10n-ja-5.0.2.2-13.14
libreoffice-l10n-ko-5.0.2.2-13.14
libreoffice-l10n-nb-5.0.2.2-13.14
libreoffice-l10n-nl-5.0.2.2-13.14
libreoffice-l10n-nn-5.0.2.2-13.14
libreoffice-l10n-pl-5.0.2.2-13.14
libreoffice-l10n-pt-BR-5.0.2.2-13.14
libreoffice-l10n-pt-PT-5.0.2.2-13.14
libreoffice-l10n-ru-5.0.2.2-13.14
libreoffice-l10n-sk-5.0.2.2-13.14
libreoffice-l10n-sv-5.0.2.2-13.14
libreoffice-l10n-xh-5.0.2.2-13.14
libreoffice-l10n-zh-Hans-5.0.2.2-13.14
libreoffice-l10n-zh-Hant-5.0.2.2-13.14
libreoffice-l10n-zu-5.0.2.2-13.14
libreoffice-mailmerge-5.0.2.2-13.14
libreoffice-math-5.0.2.2-13.14
libreoffice-officebean-5.0.2.2-13.14
libreoffice-pyuno-5.0.2.2-13.14
libreoffice-share-linker-1-2.1
libreoffice-voikko-4.1-6.3
libreoffice-writer-5.0.2.2-13.14
libreoffice-writer-extensions-5.0.2.2-13.14
librepository-1.1.3-4.3
librevenge-0_0-0-0.0.2-4.1
librevenge-stream-0_0-0-0.0.2-4.1
libserializer-1.1.2-4.3
libvisio-0_1-1-0.1.3-4.3
libvoikko1-3.7.1-3.1
libwps-0_4-4-0.4.1-3.1
malaga-suomi-1.18-3.2
myspell-af_ZA-20150827-5.1
myspell-ar-20150827-5.1
myspell-be_BY-20150827-5.1
myspell-bg_BG-20150827-5.1
myspell-bn_BD-20150827-5.1
myspell-bs_BA-20150827-5.1
myspell-ca-20150827-5.1
myspell-cs_CZ-20150827-5.1
myspell-da_DK-20150827-5.1
myspell-de-20150827-5.1
myspell-dictionaries-20150827-5.1
myspell-el_GR-20150827-5.1
myspell-en-20150827-5.1
myspell-es-20150827-5.1
myspell-et_EE-20150827-5.1
myspell-fr_FR-20150827-5.1
myspell-gu_IN-20150827-5.1
myspell-he_IL-20150827-5.1
myspell-hi_IN-20150827-5.1
myspell-hr_HR-20150827-5.1
myspell-hu_HU-20150827-5.1
myspell-it_IT-20150827-5.1
myspell-lo_LA-20150827-5.1
myspell-lt_LT-20150827-5.1
myspell-lv_LV-20150827-5.1
myspell-nl_NL-20150827-5.1
myspell-no-20150827-5.1
myspell-pl_PL-20150827-5.1
myspell-pt_BR-20150827-5.1
myspell-pt_PT-20150827-5.1
myspell-ro-20150827-5.1
myspell-ru_RU-20150827-5.1
myspell-sk_SK-20150827-5.1
myspell-sl_SI-20150827-5.1
myspell-sr-20150827-5.1
myspell-sv_SE-20150827-5.1
myspell-te_IN-20150827-5.1
myspell-th_TH-20150827-5.1
myspell-vi-20150827-5.1
myspell-zu_ZA-20150827-5.1
pentaho-libxml-1.1.3-4.3
pentaho-reporting-flow-engine-0.9.4-4.5
sac-1.3-4.1
SUSE Linux Enterprise Server 12
apache-commons-logging-1.1.3-7.1
libgraphite2-3-1.3.1-3.1
libgraphite2-3-32bit-1.3.1-3.1
SUSE Linux Enterprise Server for SAP Applications 12
apache-commons-logging-1.1.3-7.1
libgraphite2-3-1.3.1-3.1
libgraphite2-3-32bit-1.3.1-3.1
SUSE Linux Enterprise Software Development Kit 12
graphite2-devel-1.3.1-3.1
hyphen-devel-2.8.8-9.1
libabw-devel-0.1.1-5.3
libabw-devel-doc-0.1.1-5.3
libcdr-devel-0.1.1-5.3
libcdr-devel-doc-0.1.1-5.3
libcmis-0_5-5-0.5.0-5.1
libcmis-c-0_5-5-0.5.0-5.1
libcmis-c-devel-0.5.0-5.1
libcmis-devel-0.5.0-5.1
libe-book-devel-0.1.2-4.2
libe-book-devel-doc-0.1.2-4.2
libetonyek-devel-0.1.3-3.5
libetonyek-devel-doc-0.1.3-3.5
libfreehand-devel-0.1.1-4.9
libfreehand-devel-doc-0.1.1-4.9
libhyphen0-2.8.8-9.1
libixion-0_10-0-0.9.1-3.1
libixion-devel-0.9.1-3.1
liblangtag-devel-0.5.7-3.1
liblangtag1-0.5.7-3.1
libmspub-devel-0.1.2-5.1
libmspub-devel-doc-0.1.2-5.1
libmwaw-devel-0.3.6-3.3
libmwaw-devel-doc-0.3.6-3.3
libodfgen-devel-0.1.4-3.9
libodfgen-devel-doc-0.1.4-3.9
liborcus-devel-0.7.1-3.1
librevenge-0_0-0-0.0.2-4.1
librevenge-devel-0.0.2-4.1
librevenge-generators-0_0-0-0.0.2-4.1
librevenge-stream-0_0-0-0.0.2-4.1
libvisio-devel-0.1.3-4.3
libvisio-devel-doc-0.1.3-4.3
libvoikko-devel-3.7.1-3.1
libvoikko1-3.7.1-3.1
libwps-devel-0.4.1-3.1
malaga-suomi-1.18-3.2
SUSE Linux Enterprise Workstation Extension 12
apache-commons-logging-1.1.3-7.1
flute-1.3.0-4.2
libabw-0_1-1-0.1.1-5.3
libbase-1.1.3-4.3
libcdr-0_1-1-0.1.1-5.3
libcmis-0_5-5-0.5.0-5.1
libe-book-0_1-1-0.1.2-4.2
libetonyek-0_1-1-0.1.3-3.5
libfonts-1.1.3-4.9
libformula-1.1.3-4.3
libfreehand-0_1-1-0.1.1-4.9
libgltf-0_0-0-0.0.1-2.1
libhyphen0-2.8.8-9.1
libixion-0_10-0-0.9.1-3.1
liblangtag1-0.5.7-3.1
liblayout-0.2.10-4.8
libloader-1.1.3-3.2
libmspub-0_1-1-0.1.2-5.1
libmwaw-0_3-3-0.3.6-3.3
libodfgen-0_1-1-0.1.4-3.9
liborcus-0_8-0-0.7.1-3.1
libpagemaker-0_0-0-0.0.2-2.3
libreoffice-5.0.2.2-13.14
libreoffice-base-5.0.2.2-13.14
libreoffice-base-drivers-mysql-5.0.2.2-13.14
libreoffice-base-drivers-postgresql-5.0.2.2-13.14
libreoffice-calc-5.0.2.2-13.14
libreoffice-calc-extensions-5.0.2.2-13.14
libreoffice-draw-5.0.2.2-13.14
libreoffice-filters-optional-5.0.2.2-13.14
libreoffice-gnome-5.0.2.2-13.14
libreoffice-icon-theme-tango-5.0.2.2-13.14
libreoffice-impress-5.0.2.2-13.14
libreoffice-l10n-af-5.0.2.2-13.14
libreoffice-l10n-ar-5.0.2.2-13.14
libreoffice-l10n-ca-5.0.2.2-13.14
libreoffice-l10n-cs-5.0.2.2-13.14
libreoffice-l10n-da-5.0.2.2-13.14
libreoffice-l10n-de-5.0.2.2-13.14
libreoffice-l10n-en-5.0.2.2-13.14
libreoffice-l10n-es-5.0.2.2-13.14
libreoffice-l10n-fi-5.0.2.2-13.14
libreoffice-l10n-fr-5.0.2.2-13.14
libreoffice-l10n-gu-5.0.2.2-13.14
libreoffice-l10n-hi-5.0.2.2-13.14
libreoffice-l10n-hu-5.0.2.2-13.14
libreoffice-l10n-it-5.0.2.2-13.14
libreoffice-l10n-ja-5.0.2.2-13.14
libreoffice-l10n-ko-5.0.2.2-13.14
libreoffice-l10n-nb-5.0.2.2-13.14
libreoffice-l10n-nl-5.0.2.2-13.14
libreoffice-l10n-nn-5.0.2.2-13.14
libreoffice-l10n-pl-5.0.2.2-13.14
libreoffice-l10n-pt-BR-5.0.2.2-13.14
libreoffice-l10n-pt-PT-5.0.2.2-13.14
libreoffice-l10n-ru-5.0.2.2-13.14
libreoffice-l10n-sk-5.0.2.2-13.14
libreoffice-l10n-sv-5.0.2.2-13.14
libreoffice-l10n-xh-5.0.2.2-13.14
libreoffice-l10n-zh-Hans-5.0.2.2-13.14
libreoffice-l10n-zh-Hant-5.0.2.2-13.14
libreoffice-l10n-zu-5.0.2.2-13.14
libreoffice-mailmerge-5.0.2.2-13.14
libreoffice-math-5.0.2.2-13.14
libreoffice-officebean-5.0.2.2-13.14
libreoffice-pyuno-5.0.2.2-13.14
libreoffice-share-linker-1-2.1
libreoffice-voikko-4.1-6.3
libreoffice-writer-5.0.2.2-13.14
libreoffice-writer-extensions-5.0.2.2-13.14
librepository-1.1.3-4.3
librevenge-0_0-0-0.0.2-4.1
librevenge-stream-0_0-0-0.0.2-4.1
libserializer-1.1.2-4.3
libvisio-0_1-1-0.1.3-4.3
libvoikko1-3.7.1-3.1
libwps-0_4-4-0.4.1-3.1
malaga-suomi-1.18-3.2
myspell-af_ZA-20150827-5.1
myspell-ar-20150827-5.1
myspell-be_BY-20150827-5.1
myspell-bg_BG-20150827-5.1
myspell-bn_BD-20150827-5.1
myspell-bs_BA-20150827-5.1
myspell-ca-20150827-5.1
myspell-cs_CZ-20150827-5.1
myspell-da_DK-20150827-5.1
myspell-de-20150827-5.1
myspell-dictionaries-20150827-5.1
myspell-el_GR-20150827-5.1
myspell-en-20150827-5.1
myspell-es-20150827-5.1
myspell-et_EE-20150827-5.1
myspell-fr_FR-20150827-5.1
myspell-gu_IN-20150827-5.1
myspell-he_IL-20150827-5.1
myspell-hi_IN-20150827-5.1
myspell-hr_HR-20150827-5.1
myspell-hu_HU-20150827-5.1
myspell-it_IT-20150827-5.1
myspell-lo_LA-20150827-5.1
myspell-lt_LT-20150827-5.1
myspell-lv_LV-20150827-5.1
myspell-nl_NL-20150827-5.1
myspell-no-20150827-5.1
myspell-pl_PL-20150827-5.1
myspell-pt_BR-20150827-5.1
myspell-pt_PT-20150827-5.1
myspell-ro-20150827-5.1
myspell-ru_RU-20150827-5.1
myspell-sk_SK-20150827-5.1
myspell-sl_SI-20150827-5.1
myspell-sr-20150827-5.1
myspell-sv_SE-20150827-5.1
myspell-te_IN-20150827-5.1
myspell-th_TH-20150827-5.1
myspell-vi-20150827-5.1
myspell-zu_ZA-20150827-5.1
pentaho-libxml-1.1.3-4.3
pentaho-reporting-flow-engine-0.9.4-4.5
sac-1.3-4.1
Ссылки
- Link for SUSE-SU-2015:1915-1
- E-Mail link for SUSE-SU-2015:1915-1
- SUSE Security Ratings
- SUSE Bug 470073
- SUSE Bug 806250
- SUSE Bug 829430
- SUSE Bug 86241
- SUSE Bug 87222
- SUSE Bug 890735
- SUSE Bug 900186
- SUSE Bug 900877
- SUSE Bug 907966
- SUSE Bug 910805
- SUSE Bug 910806
- SUSE Bug 913042
- SUSE Bug 914911
- SUSE Bug 915996
- SUSE Bug 916181
- SUSE Bug 918852
- SUSE Bug 919409
Описание
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:apache-commons-logging-1.1.3-7.1
SUSE Linux Enterprise Desktop 12:flute-1.3.0-4.2
SUSE Linux Enterprise Desktop 12:libabw-0_1-1-0.1.1-5.3
SUSE Linux Enterprise Desktop 12:libbase-1.1.3-4.3
Ссылки
- CVE-2014-8146
- SUSE Bug 1066493
- SUSE Bug 910805
- SUSE Bug 927951
- SUSE Bug 929629
- SUSE Bug 959178
Описание
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service (incorrect malloc followed by invalid free) or possibly execute arbitrary code via crafted text.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:apache-commons-logging-1.1.3-7.1
SUSE Linux Enterprise Desktop 12:flute-1.3.0-4.2
SUSE Linux Enterprise Desktop 12:libabw-0_1-1-0.1.1-5.3
SUSE Linux Enterprise Desktop 12:libbase-1.1.3-4.3
Ссылки
- CVE-2014-8147
- SUSE Bug 1066493
- SUSE Bug 1079317
- SUSE Bug 910805
- SUSE Bug 910806
- SUSE Bug 927951
- SUSE Bug 929629
- SUSE Bug 959178
Описание
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:apache-commons-logging-1.1.3-7.1
SUSE Linux Enterprise Desktop 12:flute-1.3.0-4.2
SUSE Linux Enterprise Desktop 12:libabw-0_1-1-0.1.1-5.3
SUSE Linux Enterprise Desktop 12:libbase-1.1.3-4.3
Ссылки
- CVE-2015-1774
- SUSE Bug 919409
Описание
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:apache-commons-logging-1.1.3-7.1
SUSE Linux Enterprise Desktop 12:flute-1.3.0-4.2
SUSE Linux Enterprise Desktop 12:libabw-0_1-1-0.1.1-5.3
SUSE Linux Enterprise Desktop 12:libbase-1.1.3-4.3
Ссылки
- CVE-2015-4551
- SUSE Bug 893141
- SUSE Bug 934423
- SUSE Bug 936188
- SUSE Bug 936190
- SUSE Bug 940838
Описание
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:apache-commons-logging-1.1.3-7.1
SUSE Linux Enterprise Desktop 12:flute-1.3.0-4.2
SUSE Linux Enterprise Desktop 12:libabw-0_1-1-0.1.1-5.3
SUSE Linux Enterprise Desktop 12:libbase-1.1.3-4.3
Ссылки
- CVE-2015-5212
- SUSE Bug 934423
- SUSE Bug 936188
Описание
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:apache-commons-logging-1.1.3-7.1
SUSE Linux Enterprise Desktop 12:flute-1.3.0-4.2
SUSE Linux Enterprise Desktop 12:libabw-0_1-1-0.1.1-5.3
SUSE Linux Enterprise Desktop 12:libbase-1.1.3-4.3
Ссылки
- CVE-2015-5213
- SUSE Bug 934423
- SUSE Bug 936190
Описание
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:apache-commons-logging-1.1.3-7.1
SUSE Linux Enterprise Desktop 12:flute-1.3.0-4.2
SUSE Linux Enterprise Desktop 12:libabw-0_1-1-0.1.1-5.3
SUSE Linux Enterprise Desktop 12:libbase-1.1.3-4.3
Ссылки
- CVE-2015-5214
- SUSE Bug 934423
- SUSE Bug 940838