Updated libreoffice packages fix security vulnerability
Publication date: 22 Feb 2019Type: security
Affected Mageia releases : 6
CVE: CVE-2018-16858
Description
Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document (CVE-2018-16858). The libreoffice package has been updated to version 6.1.5.2, fixing this issue, and including several other bug fixes and enhancements. Several supporting library packages have been updated as well. Here's the list of improvements from 5.3 to 6.1: https://wiki.documentfoundation.org/ReleaseNotes/5.4 https://wiki.documentfoundation.org/ReleaseNotes/6.0 https://wiki.documentfoundation.org/ReleaseNotes/6.1
References
SRPMS
6/core
- libabw-0.1.2-1.mga6
- libcdr-0.1.5-1.mga6
- libcmis-0.5.2-1.mga6
- libe-book-0.1.3-1.mga6
- libetonyek-0.1.9-1.mga6
- libfreehand-0.1.2-2.mga6
- libmspub-0.1.4-1.mga6
- libmwaw-0.3.14-2.mga6
- libodfgen-0.1.7-1.mga6
- libpagemaker-0.0.4-1.mga6
- libstaroffice-0.0.6-1.mga6
- libvisio-0.1.6-1.mga6
- libwpg-0.3.3-1.mga6
- libwps-0.4.10-1.mga6
- libzmf-0.0.2-1.mga6
- cppunit-1.14.0-1.mga6
- libepubgen-0.1.1-2.mga6
- libixion-0.14.1-1.mga6
- libnumbertext-1.0.5-1.mga6
- liborcus-0.14.1-1.mga6
- libqxp-0.0.2-1.mga6
- mdds-1.4.3-1.mga6
- libreoffice-6.1.5.2-1.2.mga6