Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in LibreOffice
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in LibreOffice
ID: USN-3210-1
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS
Datum: Fr, 24. Februar 2017, 07:26
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3157

Originalnachricht


--===============3385789078715843912==
Content-Type: multipart/signed; micalg="pgp-sha256";
protocol="application/pgp-signature";
boundary="=-0+dmFxz+BsFOEAAxvudu"


--=-0+dmFxz+BsFOEAAxvudu
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: base64
==========================================================================
Ubuntu Security Notice USN-3210-1
February 23, 2017

LibreOffice vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

LibreOffice could be made to disclose files if it opened a specially crafted
file.

Software Description:
- libreoffice: Office productivity suite

Details:

Ben Hayak discovered that it was possible to make LibreOffice Calc and Writer
disclose arbitrary files to an attacker if a user opened a specially crafted
file with embedded links.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  libreoffice                     1:5.1.6~rc2-0ubuntu1~xenial1
  libreoffice-base                1:5.1.6~rc2-0ubuntu1~xenial1
  libreoffice-base-core           1:5.1.6~rc2-0ubuntu1~xenial1
  libreoffice-calc                1:5.1.6~rc2-0ubuntu1~xenial1
  libreoffice-common              1:5.1.6~rc2-0ubuntu1~xenial1
  libreoffice-core                1:5.1.6~rc2-0ubuntu1~xenial1
  libreoffice-math                1:5.1.6~rc2-0ubuntu1~xenial1
  libreoffice-writer              1:5.1.6~rc2-0ubuntu1~xenial1

Ubuntu 14.04 LTS:
  libreoffice                     1:4.2.8-0ubuntu5
  libreoffice-base                1:4.2.8-0ubuntu5
  libreoffice-base-core           1:4.2.8-0ubuntu5
  libreoffice-calc                1:4.2.8-0ubuntu5
  libreoffice-common              1:4.2.8-0ubuntu5
  libreoffice-core                1:4.2.8-0ubuntu5
  libreoffice-math                1:4.2.8-0ubuntu5
  libreoffice-writer              1:4.2.8-0ubuntu5

Ubuntu 12.04 LTS:
  libreoffice                     1:3.5.7-0ubuntu13
  libreoffice-base                1:3.5.7-0ubuntu13
  libreoffice-base-core           1:3.5.7-0ubuntu13
  libreoffice-calc                1:3.5.7-0ubuntu13
  libreoffice-common              1:3.5.7-0ubuntu13
  libreoffice-core                1:3.5.7-0ubuntu13
  libreoffice-math                1:3.5.7-0ubuntu13
  libreoffice-writer              1:3.5.7-0ubuntu13

In general, a standard system update will make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-3210-1
  CVE-2017-3157

Package Information:
  https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial1
  https://launchpad.net/ubuntu/+source/libreoffice/1:4.2.8-0ubuntu5
  https://launchpad.net/ubuntu/+source/libreoffice/1:3.5.7-0ubuntu13
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung