drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in LibreOffice
Name: |
Mehrere Probleme in LibreOffice |
|
ID: |
USN-2793-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.04 |
|
Datum: |
Do, 5. November 2015, 17:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214 |
|
Applikationen: |
LibreOffice |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============5943699584571910536== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="17HUqlE2ra2xSPxfWqNWjjQNKDIGPig3X"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --17HUqlE2ra2xSPxfWqNWjjQNKDIGPig3X Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2793-1 November 05, 2015
libreoffice vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in LibreOffice.
Software Description: - libreoffice: Office productivity suite
Details:
Federico Scrinzi discovered that LibreOffice incorrectly handled documents inserted into Writer or Calc via links. If a user were tricked into opening a specially crafted document, a remote attacker could possibly obtain the contents of arbitrary files. (CVE-2015-4551)
It was discovered that LibreOffice incorrectly handled PrinterSetup data stored in ODF files. If a user were tricked into opening a specially crafted ODF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2015-5212)
It was discovered that LibreOffice incorrectly handled the number of pieces in DOC files. If a user were tricked into opening a specially crafted DOC document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2015-5213)
It was discovered that LibreOffice incorrectly handled bookmarks in DOC files. If a user were tricked into opening a specially crafted DOC document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2015-5214)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: libreoffice-core 1:4.4.6~rc3-0ubuntu1
Ubuntu 14.04 LTS: libreoffice-core 1:4.2.8-0ubuntu3
Ubuntu 12.04 LTS: libreoffice-core 1:3.5.7-0ubuntu9
After a standard system update you need to restart LibreOffice to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2793-1 CVE-2015-4551, CVE-2015-5212, CVE-2015-5213, CVE-2015-5214
Package Information: https://launchpad.net/ubuntu/+source/libreoffice/1:4.4.6~rc3-0ubuntu1 https://launchpad.net/ubuntu/+source/libreoffice/1:4.2.8-0ubuntu3 https://launchpad.net/ubuntu/+source/libreoffice/1:3.5.7-0ubuntu9
--17HUqlE2ra2xSPxfWqNWjjQNKDIGPig3X Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJWO4d0AAoJEGVp2FWnRL6T1RMP/Au6Hj45TLAarP5+mi73j9MN ksDgKZGDgLYI06zRIjh65piFmX6hPLI0M1SWysFgPUA4m0uTfpW56l9B83Q8cEKJ sprHCER10bWR9YqHKsIVi38qETYgZ4lHONbmaxxn+df41RpJc35S1qlU2Fk4VbpA Tq1FmCKy3I9ByXUBNqLhA9H3bakvqd3V4aJmQRoSoNCskoDnt3kzZ9m/zEgIxNdy 86qC/Yir/eBxCGJVywjFg+mpdqMeSNfRY9jGdO8cRqyGPZ8WYIWxoEjXsqjvuDkr i0hwQFFlKelc4YLkUd+I8xzLRwkJB+6ZswA3eWLeXtaX1ubNiUqAr4KjgqqFLLBN ufdaQOfuznWfloVS0tlwHQOv7vG93BNY18ofWmD0KgMrGhbLLASIRFOdEvgWWZ1E jcmuN4EfgIvrRNcGR6O/SFnrM6WQdfKB4IXZZe56grGTr1UxDl5TA26vAu/heI2l z9dUcvqilRD8zQ3PmVP8xeXYC1AUaVwLWVbu7eZOnIJf2gAB0LWyfxm2PAXRjGGC CgmNgtAJCtaTtvseoMGeWY+IVWx9UiEHiW0VBEmN/6fuKCV2kD68U3grq9ea9yaZ 4OzkJQSJyqft3Dd6pJMNbqGtXJyyJN6uIGX5c0P392jdcbg6YsF2cIqG8WVtt7P3 INNRSCF0rHSNoRkDfiD2 =vIFh -----END PGP SIGNATURE-----
--17HUqlE2ra2xSPxfWqNWjjQNKDIGPig3X--
--===============5943699584571910536== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============5943699584571910536==--
|
|
|
|