Описание
Security update for libreoffice
This update for libreoffice fixes the following issues:
Libreoffice was updated to version 24.2.4.2:
-
Release notes:
-
Security issues fixed:
- CVE-2024-3044: Fixed unchecked script execution in graphic on-click binding (bsc#1224279)
-
Other issues fixed:
- Fixed LibreOffice build failures with ICU 75 (bsc#1224309)
-
Updated bundled dependencies:
- curl version update from 8.6.0 to 8.7.1
- gpgme version update from 1.20.0 to 1.23.2
- libassuan version update from 2.5.6 to 2.5.7
- libgpg-error version update from 1.47 to 1.48
Список пакетов
SUSE Linux Enterprise Software Development Kit 12 SP5
libreoffice-sdk-24.2.4.2-48.59.3
SUSE Linux Enterprise Workstation Extension 12 SP5
libreoffice-24.2.4.2-48.59.3
libreoffice-base-24.2.4.2-48.59.3
libreoffice-base-drivers-postgresql-24.2.4.2-48.59.3
libreoffice-branding-upstream-24.2.4.2-48.59.3
libreoffice-calc-24.2.4.2-48.59.3
libreoffice-calc-extensions-24.2.4.2-48.59.3
libreoffice-draw-24.2.4.2-48.59.3
libreoffice-filters-optional-24.2.4.2-48.59.3
libreoffice-gnome-24.2.4.2-48.59.3
libreoffice-gtk3-24.2.4.2-48.59.3
libreoffice-icon-themes-24.2.4.2-48.59.3
libreoffice-impress-24.2.4.2-48.59.3
libreoffice-l10n-af-24.2.4.2-48.59.3
libreoffice-l10n-ar-24.2.4.2-48.59.3
libreoffice-l10n-bg-24.2.4.2-48.59.3
libreoffice-l10n-ca-24.2.4.2-48.59.3
libreoffice-l10n-cs-24.2.4.2-48.59.3
libreoffice-l10n-da-24.2.4.2-48.59.3
libreoffice-l10n-de-24.2.4.2-48.59.3
libreoffice-l10n-en-24.2.4.2-48.59.3
libreoffice-l10n-es-24.2.4.2-48.59.3
libreoffice-l10n-fi-24.2.4.2-48.59.3
libreoffice-l10n-fr-24.2.4.2-48.59.3
libreoffice-l10n-gu-24.2.4.2-48.59.3
libreoffice-l10n-hi-24.2.4.2-48.59.3
libreoffice-l10n-hr-24.2.4.2-48.59.3
libreoffice-l10n-hu-24.2.4.2-48.59.3
libreoffice-l10n-it-24.2.4.2-48.59.3
libreoffice-l10n-ja-24.2.4.2-48.59.3
libreoffice-l10n-ko-24.2.4.2-48.59.3
libreoffice-l10n-lt-24.2.4.2-48.59.3
libreoffice-l10n-nb-24.2.4.2-48.59.3
libreoffice-l10n-nl-24.2.4.2-48.59.3
libreoffice-l10n-nn-24.2.4.2-48.59.3
libreoffice-l10n-pl-24.2.4.2-48.59.3
libreoffice-l10n-pt_BR-24.2.4.2-48.59.3
libreoffice-l10n-pt_PT-24.2.4.2-48.59.3
libreoffice-l10n-ro-24.2.4.2-48.59.3
libreoffice-l10n-ru-24.2.4.2-48.59.3
libreoffice-l10n-sk-24.2.4.2-48.59.3
libreoffice-l10n-sv-24.2.4.2-48.59.3
libreoffice-l10n-uk-24.2.4.2-48.59.3
libreoffice-l10n-xh-24.2.4.2-48.59.3
libreoffice-l10n-zh_CN-24.2.4.2-48.59.3
libreoffice-l10n-zh_TW-24.2.4.2-48.59.3
libreoffice-l10n-zu-24.2.4.2-48.59.3
libreoffice-librelogo-24.2.4.2-48.59.3
libreoffice-mailmerge-24.2.4.2-48.59.3
libreoffice-math-24.2.4.2-48.59.3
libreoffice-officebean-24.2.4.2-48.59.3
libreoffice-pyuno-24.2.4.2-48.59.3
libreoffice-writer-24.2.4.2-48.59.3
libreoffice-writer-extensions-24.2.4.2-48.59.3
Ссылки
- Link for SUSE-SU-2024:2258-1
- E-Mail link for SUSE-SU-2024:2258-1
- SUSE Security Ratings
- SUSE Bug 1224279
- SUSE Bug 1224309
- SUSE CVE CVE-2024-3044 page
Описание
Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libreoffice-sdk-24.2.4.2-48.59.3
SUSE Linux Enterprise Workstation Extension 12 SP5:libreoffice-24.2.4.2-48.59.3
SUSE Linux Enterprise Workstation Extension 12 SP5:libreoffice-base-24.2.4.2-48.59.3
SUSE Linux Enterprise Workstation Extension 12 SP5:libreoffice-base-drivers-postgresql-24.2.4.2-48.59.3
Ссылки
- CVE-2024-3044
- SUSE Bug 1224279