Preisgabe von Informationen in LibreOffice
ID: | USN-3210-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS |
Datum: | Fr, 24. Februar 2017, 07:26 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3157 |
Applikationen: | LibreOffice |
Originalnachricht |
|
--===============3385789078715843912== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-0+dmFxz+BsFOEAAxvudu" --=-0+dmFxz+BsFOEAAxvudu Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: base64 ========================================================================== Ubuntu Security Notice USN-3210-1 February 23, 2017 LibreOffice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: LibreOffice could be made to disclose files if it opened a specially crafted file. Software Description: - libreoffice: Office productivity suite Details: Ben Hayak discovered that it was possible to make LibreOffice Calc and Writer disclose arbitrary files to an attacker if a user opened a specially crafted file with embedded links. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libreoffice 1:5.1.6~rc2-0ubuntu1~xenial1 libreoffice-base 1:5.1.6~rc2-0ubuntu1~xenial1 libreoffice-base-core 1:5.1.6~rc2-0ubuntu1~xenial1 libreoffice-calc 1:5.1.6~rc2-0ubuntu1~xenial1 libreoffice-common 1:5.1.6~rc2-0ubuntu1~xenial1 libreoffice-core 1:5.1.6~rc2-0ubuntu1~xenial1 libreoffice-math 1:5.1.6~rc2-0ubuntu1~xenial1 libreoffice-writer 1:5.1.6~rc2-0ubuntu1~xenial1 Ubuntu 14.04 LTS: libreoffice 1:4.2.8-0ubuntu5 libreoffice-base 1:4.2.8-0ubuntu5 libreoffice-base-core 1:4.2.8-0ubuntu5 libreoffice-calc 1:4.2.8-0ubuntu5 libreoffice-common 1:4.2.8-0ubuntu5 libreoffice-core 1:4.2.8-0ubuntu5 libreoffice-math 1:4.2.8-0ubuntu5 libreoffice-writer 1:4.2.8-0ubuntu5 Ubuntu 12.04 LTS: libreoffice 1:3.5.7-0ubuntu13 libreoffice-base 1:3.5.7-0ubuntu13 libreoffice-base-core 1:3.5.7-0ubuntu13 libreoffice-calc 1:3.5.7-0ubuntu13 libreoffice-common 1:3.5.7-0ubuntu13 libreoffice-core 1:3.5.7-0ubuntu13 libreoffice-math 1:3.5.7-0ubuntu13 libreoffice-writer 1:3.5.7-0ubuntu13 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-3210-1 CVE-2017-3157 Package Information: https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial1 https://launchpad.net/ubuntu/+source/libreoffice/1:4.2.8-0ubuntu5 https://launchpad.net/ubuntu/+source/libreoffice/1:3.5.7-0ubuntu13 |