drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in LibreOffice
Name: |
Ausführen beliebiger Kommandos in LibreOffice |
|
ID: |
USN-4138-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 19.04 |
|
Datum: |
Di, 24. September 2019, 17:26 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9854 |
|
Applikationen: |
LibreOffice |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============3170590506387345245== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ZfYQGy14SDcYdroysGPni0oYdqaF6be5d"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ZfYQGy14SDcYdroysGPni0oYdqaF6be5d Content-Type: multipart/mixed; boundary="LkC1z42ccB68F5EyzwW8Ob6nREB7nvxrQ"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <bb48943c-31b0-d6ed-5fe9-bcd3eec2dd37@canonical.com> Subject: [USN-4138-1] LibreOffice vulnerability
--LkC1z42ccB68F5EyzwW8Ob6nREB7nvxrQ Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-4138-1 September 24, 2019
libreoffice vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS
Summary:
LibreOffice could be made to run programs as your login if it opened a specially crafted file.
Software Description: - libreoffice: Office productivity suite
Details:
It was discovered that LibreOffice incorrectly handled embedded scripts in document files. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04: libreoffice-core 1:6.2.7-0ubuntu0.19.04.1
Ubuntu 18.04 LTS: libreoffice-core 1:6.0.7-0ubuntu0.18.04.10
Ubuntu 16.04 LTS: libreoffice-core 1:5.1.6~rc2-0ubuntu1~xenial10
After a standard system update you need to restart LibreOffice to make all the necessary changes.
References: https://usn.ubuntu.com/4138-1 CVE-2019-9854
Package Information: https://launchpad.net/ubuntu/+source/libreoffice/1:6.2.7-0ubuntu0.19.04.1 https://launchpad.net/ubuntu/+source/libreoffice/1:6.0.7-0ubuntu0.18.04.10 https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial10
--LkC1z42ccB68F5EyzwW8Ob6nREB7nvxrQ--
--ZfYQGy14SDcYdroysGPni0oYdqaF6be5d Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl2KLDEACgkQZWnYVadE vpMNdQ//fmrTidWGlcRL7+EWLWBcPoPCo1UPNTG0xwQe6BkgPE9fCkkSrs3Uj7Ih b9QY/r47Lqpp2XdnqvzhbZpbsdvEcPGZ/+VfDMKkeqCGnmBbbu8VCxFcr9nN5WFf cqUexufCVi0BXQxT6+8DDa0CZaNoVPTC5/T3iKwAttPdwhLuyjoJNjgiur+GbJ8X WODLXOIGram/1+IEauFWfOdA/AQM9EQz5RQMwSwn+WlRMJy/O4NNhn9wXE/wfMX+ o1U2H1etIjUCTbYHrtktM1zqtXC6T7/IDKaW4LP1fAZqcBHeAKknNbwoiI8at0l3 +WODUJ+gLurx+Vc5b5KWwWTovBOWYtU+0j3NYaVYfAcCp8M28bwJy/eQFdCktU48 wefA767kN9NanVk17iIVhtzh1+FPd3l60tEai82iJoxA6GJeNZzdn8aT06hzteJ6 qMButhU5X1dkoUsqQONRY/Q6xO1iCeZl3NlZZTQhaBQ6R0dW+Nw7zXkW4S+31TWE x+HWtbPuF57oA8VBfi0A9+rjZrIY4WxpDvnsPcZxhYAZ6UUsDtkVfMhvt0F2hMvt XuREbL6yhGacUiC09p0ou5byI+pRi67jy3J2MjCoU2jxst3mQNa+n9l/wBOIy5M4 lfIy6wipICO7qYQSdYcTw/ACbpNqiS40AlfzJ5JFZ4PWAVRYW8Q= =c/AH -----END PGP SIGNATURE-----
--ZfYQGy14SDcYdroysGPni0oYdqaF6be5d--
--===============3170590506387345245== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============3170590506387345245==--
|
|
|
|