Описание
Security update for LibreOffice
This update for libreoffice and libraries fixes the following issues:
LibreOffice was updated to 6.2.5.2 (fate#327121 bsc#1128845 bsc#1123455), bringing lots of bug and stability fixes.
Additional bugfixes:
- If there is no firebird engine we still need java to run hsqldb (bsc#1135189)
- PPTX: Rectangle turns from green to blue and loses transparency when transparency is set (bsc#1135228)
- Slide deck compression doesn't, hmm, compress too much (bsc#1127760)
- Psychedelic graphics in LibreOffice (but not PowerPoint) (bsc#1124869)
- Image from PPTX shown in a square, not a circle (bsc#1121874)
libixion was updated to 0.14.1:
- Updated for new orcus
liborcus was updated to 0.14.1:
- Boost 1.67 support
- Various cell handling issues fixed
libwps was updated to 0.4.10:
- QuattroPro: add parser of .qwp files
- all: support complex encoding
mdds was updated to 1.4.3:
- Api change to 1.4
- More multivector operations and tweaks
- Various multi vector fixes
- flat_segment_tree: add segment iterator and functions
- fix to handle out-of-range insertions on flat_segment_tree
- Another api version -> rename to mdds-1_2
myspell-dictionaries was updated to 20190423:
- Serbian dictionary updated
- Update af_ZA hunspell
- Update Spanish dictionary
- Update Slovenian dictionary
- Update Breton dictionary
- Update Galician dictionary
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
myspell-de-20190423-3.9.7
myspell-de_DE-20190423-3.9.7
myspell-dictionaries-20190423-3.9.7
myspell-en-20190423-3.9.7
myspell-en_US-20190423-3.9.7
myspell-es-20190423-3.9.7
myspell-es_ES-20190423-3.9.7
myspell-hu_HU-20190423-3.9.7
myspell-lightproof-en-20190423-3.9.7
myspell-lightproof-hu_HU-20190423-3.9.7
myspell-lightproof-pt_BR-20190423-3.9.7
myspell-lightproof-ru_RU-20190423-3.9.7
myspell-nb_NO-20190423-3.9.7
myspell-no-20190423-3.9.7
myspell-pt_BR-20190423-3.9.7
myspell-ro-20190423-3.9.7
myspell-ro_RO-20190423-3.9.7
myspell-ru_RU-20190423-3.9.7
SUSE Linux Enterprise Module for Basesystem 15 SP1
myspell-de-20190423-3.9.7
myspell-de_DE-20190423-3.9.7
myspell-dictionaries-20190423-3.9.7
myspell-en-20190423-3.9.7
myspell-en_US-20190423-3.9.7
myspell-es-20190423-3.9.7
myspell-es_ES-20190423-3.9.7
myspell-hu_HU-20190423-3.9.7
myspell-lightproof-en-20190423-3.9.7
myspell-lightproof-hu_HU-20190423-3.9.7
myspell-lightproof-pt_BR-20190423-3.9.7
myspell-lightproof-ru_RU-20190423-3.9.7
myspell-nb_NO-20190423-3.9.7
myspell-no-20190423-3.9.7
myspell-pt_BR-20190423-3.9.7
myspell-ro-20190423-3.9.7
myspell-ro_RO-20190423-3.9.7
myspell-ru_RU-20190423-3.9.7
SUSE Linux Enterprise Workstation Extension 15
libixion-0_14-0-0.14.1-4.3.8
liborcus-0_14-0-0.14.1-3.3.8
liborcus-devel-0.14.1-3.3.8
libreoffice-6.2.5.2-3.18.5
libreoffice-base-6.2.5.2-3.18.5
libreoffice-base-drivers-postgresql-6.2.5.2-3.18.5
libreoffice-branding-upstream-6.2.5.2-3.18.5
libreoffice-calc-6.2.5.2-3.18.5
libreoffice-calc-extensions-6.2.5.2-3.18.5
libreoffice-draw-6.2.5.2-3.18.5
libreoffice-filters-optional-6.2.5.2-3.18.5
libreoffice-gnome-6.2.5.2-3.18.5
libreoffice-gtk3-6.2.5.2-3.18.5
libreoffice-icon-themes-6.2.5.2-3.18.5
libreoffice-impress-6.2.5.2-3.18.5
libreoffice-l10n-af-6.2.5.2-3.18.5
libreoffice-l10n-ar-6.2.5.2-3.18.5
libreoffice-l10n-as-6.2.5.2-3.18.5
libreoffice-l10n-bg-6.2.5.2-3.18.5
libreoffice-l10n-bn-6.2.5.2-3.18.5
libreoffice-l10n-br-6.2.5.2-3.18.5
libreoffice-l10n-ca-6.2.5.2-3.18.5
libreoffice-l10n-cs-6.2.5.2-3.18.5
libreoffice-l10n-cy-6.2.5.2-3.18.5
libreoffice-l10n-da-6.2.5.2-3.18.5
libreoffice-l10n-de-6.2.5.2-3.18.5
libreoffice-l10n-dz-6.2.5.2-3.18.5
libreoffice-l10n-el-6.2.5.2-3.18.5
libreoffice-l10n-en-6.2.5.2-3.18.5
libreoffice-l10n-eo-6.2.5.2-3.18.5
libreoffice-l10n-es-6.2.5.2-3.18.5
libreoffice-l10n-et-6.2.5.2-3.18.5
libreoffice-l10n-eu-6.2.5.2-3.18.5
libreoffice-l10n-fa-6.2.5.2-3.18.5
libreoffice-l10n-fi-6.2.5.2-3.18.5
libreoffice-l10n-fr-6.2.5.2-3.18.5
libreoffice-l10n-ga-6.2.5.2-3.18.5
libreoffice-l10n-gl-6.2.5.2-3.18.5
libreoffice-l10n-gu-6.2.5.2-3.18.5
libreoffice-l10n-he-6.2.5.2-3.18.5
libreoffice-l10n-hi-6.2.5.2-3.18.5
libreoffice-l10n-hr-6.2.5.2-3.18.5
libreoffice-l10n-hu-6.2.5.2-3.18.5
libreoffice-l10n-it-6.2.5.2-3.18.5
libreoffice-l10n-ja-6.2.5.2-3.18.5
libreoffice-l10n-kk-6.2.5.2-3.18.5
libreoffice-l10n-kn-6.2.5.2-3.18.5
libreoffice-l10n-ko-6.2.5.2-3.18.5
libreoffice-l10n-lt-6.2.5.2-3.18.5
libreoffice-l10n-lv-6.2.5.2-3.18.5
libreoffice-l10n-mai-6.2.5.2-3.18.5
libreoffice-l10n-ml-6.2.5.2-3.18.5
libreoffice-l10n-mr-6.2.5.2-3.18.5
libreoffice-l10n-nb-6.2.5.2-3.18.5
libreoffice-l10n-nl-6.2.5.2-3.18.5
libreoffice-l10n-nn-6.2.5.2-3.18.5
libreoffice-l10n-nr-6.2.5.2-3.18.5
libreoffice-l10n-nso-6.2.5.2-3.18.5
libreoffice-l10n-or-6.2.5.2-3.18.5
libreoffice-l10n-pa-6.2.5.2-3.18.5
libreoffice-l10n-pl-6.2.5.2-3.18.5
libreoffice-l10n-pt_BR-6.2.5.2-3.18.5
libreoffice-l10n-pt_PT-6.2.5.2-3.18.5
libreoffice-l10n-ro-6.2.5.2-3.18.5
libreoffice-l10n-ru-6.2.5.2-3.18.5
libreoffice-l10n-si-6.2.5.2-3.18.5
libreoffice-l10n-sk-6.2.5.2-3.18.5
libreoffice-l10n-sl-6.2.5.2-3.18.5
libreoffice-l10n-sr-6.2.5.2-3.18.5
libreoffice-l10n-ss-6.2.5.2-3.18.5
libreoffice-l10n-st-6.2.5.2-3.18.5
libreoffice-l10n-sv-6.2.5.2-3.18.5
libreoffice-l10n-ta-6.2.5.2-3.18.5
libreoffice-l10n-te-6.2.5.2-3.18.5
libreoffice-l10n-th-6.2.5.2-3.18.5
libreoffice-l10n-tn-6.2.5.2-3.18.5
libreoffice-l10n-tr-6.2.5.2-3.18.5
libreoffice-l10n-ts-6.2.5.2-3.18.5
libreoffice-l10n-uk-6.2.5.2-3.18.5
libreoffice-l10n-ve-6.2.5.2-3.18.5
libreoffice-l10n-xh-6.2.5.2-3.18.5
libreoffice-l10n-zh_CN-6.2.5.2-3.18.5
libreoffice-l10n-zh_TW-6.2.5.2-3.18.5
libreoffice-l10n-zu-6.2.5.2-3.18.5
libreoffice-mailmerge-6.2.5.2-3.18.5
libreoffice-math-6.2.5.2-3.18.5
libreoffice-officebean-6.2.5.2-3.18.5
libreoffice-pyuno-6.2.5.2-3.18.5
libreoffice-writer-6.2.5.2-3.18.5
libreoffice-writer-extensions-6.2.5.2-3.18.5
libreofficekit-6.2.5.2-3.18.5
libwps-0_4-4-0.4.10-3.6.7
libwps-devel-0.4.10-3.6.7
myspell-af_ZA-20190423-3.9.7
myspell-ar-20190423-3.9.7
myspell-bg_BG-20190423-3.9.7
myspell-bn_BD-20190423-3.9.7
myspell-br_FR-20190423-3.9.7
myspell-ca-20190423-3.9.7
myspell-cs_CZ-20190423-3.9.7
myspell-da_DK-20190423-3.9.7
myspell-el_GR-20190423-3.9.7
myspell-et_EE-20190423-3.9.7
myspell-fr_FR-20190423-3.9.7
myspell-gl-20190423-3.9.7
myspell-gu_IN-20190423-3.9.7
myspell-he_IL-20190423-3.9.7
myspell-hi_IN-20190423-3.9.7
myspell-hr_HR-20190423-3.9.7
myspell-it_IT-20190423-3.9.7
myspell-lt_LT-20190423-3.9.7
myspell-lv_LV-20190423-3.9.7
myspell-nl_NL-20190423-3.9.7
myspell-nn_NO-20190423-3.9.7
myspell-pl_PL-20190423-3.9.7
myspell-pt_PT-20190423-3.9.7
myspell-si_LK-20190423-3.9.7
myspell-sk_SK-20190423-3.9.7
myspell-sl_SI-20190423-3.9.7
myspell-sr-20190423-3.9.7
myspell-sv_SE-20190423-3.9.7
myspell-te_IN-20190423-3.9.7
myspell-th_TH-20190423-3.9.7
myspell-tr_TR-20190423-3.9.7
myspell-uk_UA-20190423-3.9.7
myspell-zu_ZA-20190423-3.9.7
SUSE Linux Enterprise Workstation Extension 15 SP1
libixion-0_14-0-0.14.1-4.3.8
liborcus-0_14-0-0.14.1-3.3.8
liborcus-devel-0.14.1-3.3.8
myspell-af_ZA-20190423-3.9.7
myspell-ar-20190423-3.9.7
myspell-bg_BG-20190423-3.9.7
myspell-bn_BD-20190423-3.9.7
myspell-br_FR-20190423-3.9.7
myspell-ca-20190423-3.9.7
myspell-cs_CZ-20190423-3.9.7
myspell-da_DK-20190423-3.9.7
myspell-el_GR-20190423-3.9.7
myspell-et_EE-20190423-3.9.7
myspell-fr_FR-20190423-3.9.7
myspell-gl-20190423-3.9.7
myspell-gu_IN-20190423-3.9.7
myspell-he_IL-20190423-3.9.7
myspell-hi_IN-20190423-3.9.7
myspell-hr_HR-20190423-3.9.7
myspell-it_IT-20190423-3.9.7
myspell-lt_LT-20190423-3.9.7
myspell-lv_LV-20190423-3.9.7
myspell-nl_NL-20190423-3.9.7
myspell-nn_NO-20190423-3.9.7
myspell-pl_PL-20190423-3.9.7
myspell-pt_PT-20190423-3.9.7
myspell-si_LK-20190423-3.9.7
myspell-sk_SK-20190423-3.9.7
myspell-sl_SI-20190423-3.9.7
myspell-sr-20190423-3.9.7
myspell-sv_SE-20190423-3.9.7
myspell-te_IN-20190423-3.9.7
myspell-th_TH-20190423-3.9.7
myspell-tr_TR-20190423-3.9.7
myspell-uk_UA-20190423-3.9.7
myspell-zu_ZA-20190423-3.9.7
Ссылки
- Link for SUSE-SU-2019:1894-1
- E-Mail link for SUSE-SU-2019:1894-1
- SUSE Security Ratings
- SUSE Bug 1089811
- SUSE Bug 1116451
- SUSE Bug 1121874
- SUSE Bug 1123131
- SUSE Bug 1123455
- SUSE Bug 1124062
- SUSE Bug 1124869
- SUSE Bug 1127760
- SUSE Bug 1127857
- SUSE Bug 1128845
- SUSE Bug 1135189
- SUSE Bug 1135228
- SUSE CVE CVE-2018-16858 page
Описание
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP1:myspell-de-20190423-3.9.7
SUSE Linux Enterprise Module for Basesystem 15 SP1:myspell-de_DE-20190423-3.9.7
SUSE Linux Enterprise Module for Basesystem 15 SP1:myspell-dictionaries-20190423-3.9.7
SUSE Linux Enterprise Module for Basesystem 15 SP1:myspell-en-20190423-3.9.7
Ссылки
- CVE-2018-16858
- SUSE Bug 1124062
- SUSE Bug 1146107