drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in libreoffice
Name: |
Zwei Probleme in libreoffice |
|
ID: |
RHSA-2024:1512 |
|
Distribution: |
Red Hat |
|
Plattformen: |
Red Hat Enterprise Linux AppStream AUS (v. 8.2), Red Hat Enterprise Linux AppStream E4S (v. 8.2), Red Hat Enterprise Linux AppStream TUS (v. 8.2) |
|
Datum: |
Di, 26. März 2024, 22:12 |
|
Referenzen: |
https://bugzilla.redhat.com/show_bug.cgi?id=2254003
https://access.redhat.com/security/cve/CVE-2023-6185
https://access.redhat.com/security/cve/CVE-2023-6186
https://bugzilla.redhat.com/show_bug.cgi?id=2254005
https://access.redhat.com/errata/RHSA-2024:1512 |
|
Applikationen: |
LibreOffice |
|
Originalnachricht |
An update for libreoffice is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.
Security Fix(es):
* libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185)
* libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186)
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2023-6185: Execution with Unnecessary Privileges (CWE-250) CVE-2023-6186: Execution with Unnecessary Privileges (CWE-250)
|
|
|
|