Описание
Security update for libreoffice
This update for libreoffice fixes the following issues:
LibreOffice was updated to 6.2.5.2 (fate#327121).
Security issue fixed:
- CVE-2018-16858: LibreOffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location. (bsc#1124062)
Other bugfixes:
- If there is no firebird engine we still need java to run hsqldb (bsc#1135189)
- Require firebird as default driver for base if enabled
- PPTX: Rectangle turns from green to blue and loses transparency when transparency is set (bsc1135228)
- Slide deck compression doesn't, hmm, compress too much (bsc#1127760)
- Psychedelic graphics in LibreOffice (but not PowerPoint) (bsc#1124869)
- Image from PPTX shown in a square, not a circle (bsc#1121874)
- Switch to the new web based help system bsc#1116451
- Enable new approach for mariadb connector again
- PPTX: SmartArt: Basic rendering of the Organizational Chart (bsc#1112114)
- PPTX: SmartArt: Basic rendering of Accent Process and Continuous Block Process (bsc#1112113)
- Saving a new document can silently overwrite an existing document (bsc#1117300)
- Install also C++ libreofficekit headers bsc#1117195
- Chart in PPTX lacks color and is too large (bsc#882383)
- PPTX: SmartArt: Basic rendering of several list types (bsc#1112112)
- PPTX: Charts having weird/darker/ugly background versus Office 365 and strange artefacts where overlapping (bsc#1110348)
Список пакетов
SUSE Linux Enterprise Workstation Extension 15 SP1
libreoffice-6.2.5.2-8.5.1
libreoffice-base-6.2.5.2-8.5.1
libreoffice-base-drivers-postgresql-6.2.5.2-8.5.1
libreoffice-branding-upstream-6.2.5.2-8.5.1
libreoffice-calc-6.2.5.2-8.5.1
libreoffice-calc-extensions-6.2.5.2-8.5.1
libreoffice-draw-6.2.5.2-8.5.1
libreoffice-filters-optional-6.2.5.2-8.5.1
libreoffice-gnome-6.2.5.2-8.5.1
libreoffice-gtk3-6.2.5.2-8.5.1
libreoffice-icon-themes-6.2.5.2-8.5.1
libreoffice-impress-6.2.5.2-8.5.1
libreoffice-l10n-af-6.2.5.2-8.5.1
libreoffice-l10n-ar-6.2.5.2-8.5.1
libreoffice-l10n-as-6.2.5.2-8.5.1
libreoffice-l10n-bg-6.2.5.2-8.5.1
libreoffice-l10n-bn-6.2.5.2-8.5.1
libreoffice-l10n-br-6.2.5.2-8.5.1
libreoffice-l10n-ca-6.2.5.2-8.5.1
libreoffice-l10n-cs-6.2.5.2-8.5.1
libreoffice-l10n-cy-6.2.5.2-8.5.1
libreoffice-l10n-da-6.2.5.2-8.5.1
libreoffice-l10n-de-6.2.5.2-8.5.1
libreoffice-l10n-dz-6.2.5.2-8.5.1
libreoffice-l10n-el-6.2.5.2-8.5.1
libreoffice-l10n-en-6.2.5.2-8.5.1
libreoffice-l10n-eo-6.2.5.2-8.5.1
libreoffice-l10n-es-6.2.5.2-8.5.1
libreoffice-l10n-et-6.2.5.2-8.5.1
libreoffice-l10n-eu-6.2.5.2-8.5.1
libreoffice-l10n-fa-6.2.5.2-8.5.1
libreoffice-l10n-fi-6.2.5.2-8.5.1
libreoffice-l10n-fr-6.2.5.2-8.5.1
libreoffice-l10n-ga-6.2.5.2-8.5.1
libreoffice-l10n-gl-6.2.5.2-8.5.1
libreoffice-l10n-gu-6.2.5.2-8.5.1
libreoffice-l10n-he-6.2.5.2-8.5.1
libreoffice-l10n-hi-6.2.5.2-8.5.1
libreoffice-l10n-hr-6.2.5.2-8.5.1
libreoffice-l10n-hu-6.2.5.2-8.5.1
libreoffice-l10n-it-6.2.5.2-8.5.1
libreoffice-l10n-ja-6.2.5.2-8.5.1
libreoffice-l10n-kk-6.2.5.2-8.5.1
libreoffice-l10n-kn-6.2.5.2-8.5.1
libreoffice-l10n-ko-6.2.5.2-8.5.1
libreoffice-l10n-lt-6.2.5.2-8.5.1
libreoffice-l10n-lv-6.2.5.2-8.5.1
libreoffice-l10n-mai-6.2.5.2-8.5.1
libreoffice-l10n-ml-6.2.5.2-8.5.1
libreoffice-l10n-mr-6.2.5.2-8.5.1
libreoffice-l10n-nb-6.2.5.2-8.5.1
libreoffice-l10n-nl-6.2.5.2-8.5.1
libreoffice-l10n-nn-6.2.5.2-8.5.1
libreoffice-l10n-nr-6.2.5.2-8.5.1
libreoffice-l10n-nso-6.2.5.2-8.5.1
libreoffice-l10n-or-6.2.5.2-8.5.1
libreoffice-l10n-pa-6.2.5.2-8.5.1
libreoffice-l10n-pl-6.2.5.2-8.5.1
libreoffice-l10n-pt_BR-6.2.5.2-8.5.1
libreoffice-l10n-pt_PT-6.2.5.2-8.5.1
libreoffice-l10n-ro-6.2.5.2-8.5.1
libreoffice-l10n-ru-6.2.5.2-8.5.1
libreoffice-l10n-si-6.2.5.2-8.5.1
libreoffice-l10n-sk-6.2.5.2-8.5.1
libreoffice-l10n-sl-6.2.5.2-8.5.1
libreoffice-l10n-sr-6.2.5.2-8.5.1
libreoffice-l10n-ss-6.2.5.2-8.5.1
libreoffice-l10n-st-6.2.5.2-8.5.1
libreoffice-l10n-sv-6.2.5.2-8.5.1
libreoffice-l10n-ta-6.2.5.2-8.5.1
libreoffice-l10n-te-6.2.5.2-8.5.1
libreoffice-l10n-th-6.2.5.2-8.5.1
libreoffice-l10n-tn-6.2.5.2-8.5.1
libreoffice-l10n-tr-6.2.5.2-8.5.1
libreoffice-l10n-ts-6.2.5.2-8.5.1
libreoffice-l10n-uk-6.2.5.2-8.5.1
libreoffice-l10n-ve-6.2.5.2-8.5.1
libreoffice-l10n-xh-6.2.5.2-8.5.1
libreoffice-l10n-zh_CN-6.2.5.2-8.5.1
libreoffice-l10n-zh_TW-6.2.5.2-8.5.1
libreoffice-l10n-zu-6.2.5.2-8.5.1
libreoffice-mailmerge-6.2.5.2-8.5.1
libreoffice-math-6.2.5.2-8.5.1
libreoffice-officebean-6.2.5.2-8.5.1
libreoffice-pyuno-6.2.5.2-8.5.1
libreoffice-writer-6.2.5.2-8.5.1
libreoffice-writer-extensions-6.2.5.2-8.5.1
libreofficekit-6.2.5.2-8.5.1
libwps-0_4-4-0.4.10-7.3.3
libwps-devel-0.4.10-7.3.3
Ссылки
- Link for SUSE-SU-2019:2003-1
- E-Mail link for SUSE-SU-2019:2003-1
- SUSE Security Ratings
- SUSE Bug 1110348
- SUSE Bug 1112112
- SUSE Bug 1112113
- SUSE Bug 1112114
- SUSE Bug 1116451
- SUSE Bug 1117195
- SUSE Bug 1117300
- SUSE Bug 1121874
- SUSE Bug 1123131
- SUSE Bug 1123455
- SUSE Bug 1124062
- SUSE Bug 1124658
- SUSE Bug 1124869
- SUSE Bug 1127760
- SUSE Bug 1127857
- SUSE Bug 1128845
- SUSE Bug 1135189
Описание
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP1:libreoffice-6.2.5.2-8.5.1
SUSE Linux Enterprise Workstation Extension 15 SP1:libreoffice-base-6.2.5.2-8.5.1
SUSE Linux Enterprise Workstation Extension 15 SP1:libreoffice-base-drivers-postgresql-6.2.5.2-8.5.1
SUSE Linux Enterprise Workstation Extension 15 SP1:libreoffice-branding-upstream-6.2.5.2-8.5.1
Ссылки
- CVE-2018-16858
- SUSE Bug 1124062
- SUSE Bug 1146107