Updated libreoffice packages fix security vulnerabilities
Publication date: 05 Jun 2018
Modification date: 05 Jun 2018
Type: security
Affected Mageia releases: 6
CVE: CVE-2018-6871, CVE-2018-10119, CVE-2018-10120, CVE-2018-10583
Description
The updated packages fix security vulnerabilities:

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. (CVE-2018-6871)

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format. (CVE-2018-10119)

The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. (CVE-2018-10120)

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. (CVE-2018-10583)
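
A defender-side check for the CVE-2018-10583 pattern described above, as an added example that is not part of the Mageia advisory or of LibreOffice: it lists the xlink:href values in an ODF package that point at a remote host through file:// or a UNC path. The function names, the size cap and the sample document are assumptions made for this illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

XLINK_HREF = "{http://www.w3.org/1999/xlink}href"
XML_PARTS = ("content.xml", "styles.xml")   # ODF parts that can carry links
MAX_PART_SIZE = 50 * 1024 * 1024            # assumed cap against zip bombs


def is_remote_file_ref(href):
    """True if href makes the client contact another host via file:// or UNC."""
    if href.startswith("\\\\"):              # \\host\share\x
        return True
    parts = urlsplit(href)
    if parts.scheme.lower() != "file":
        return False
    # file://host/x carries a host; file:////host/x hides it in the path.
    return parts.netloc not in ("", "localhost") or parts.path.startswith("//")


def remote_file_hrefs(odf_bytes):
    """Return (part, href) for every xlink:href that targets a remote file host."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(odf_bytes)) as zf:
        for part in XML_PARTS:
            if part not in zf.namelist() or zf.getinfo(part).file_size > MAX_PART_SIZE:
                continue
            # For untrusted input, a hardened parser such as defusedxml is preferable.
            root = ET.fromstring(zf.read(part))
            for elem in root.iter():
                href = elem.get(XLINK_HREF)
                if href and is_remote_file_ref(href):
                    hits.append((part, href))
    return hits


def build_sample(href):
    """Constructed sample: a bare zip with one content.xml, not a full .odt."""
    xml = (
        '<office:document-content'
        ' xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0"'
        ' xmlns:draw="urn:oasis:names:tc:opendocument:xmlns:drawing:1.0"'
        ' xmlns:xlink="http://www.w3.org/1999/xlink">'
        f'<draw:image xlink:href="{href}"/></office:document-content>'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("content.xml", xml)
    return buf.getvalue()
```

Relative links such as Pictures/test.jpg and local file:/// paths are not reported, so the check can run over a mail or upload queue without flagging ordinary embedded images.
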
References
- https://bugs.mageia.org/show_bug.cgi?id=22579
- https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/
- https://www.libreoffice.org/about-us/security/advisories/cve-2018-10119/
- https://www.libreoffice.org/about-us/security/advisories/cve-2018-10120/
- https://www.libreoffice.org/about-us/security/advisories/cve-2018-10583/
- https://www.debian.org/security/2018/dsa-4111
- https://www.debian.org/security/2018/dsa-4178
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6871
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10119
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10120
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10583
SRPMS
6/core
- libreoffice-5.3.7.2-3.mga6