Advisories » MGASA-2024-0209

Updated libreoffice packages fix security vulnerability

Publication date: 03 Jun 2024
Modification date: 03 Jun 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-3044

Description

Unchecked script execution in Graphic on-click binding in affected
LibreOffice versions allows an attacker to create a document which
without prompt will execute scripts built-into LibreOffice on clicking a
graphic. Such scripts were previously deemed trusted but are now deemed
untrusted. (CVE-2024-3044)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33222
• https://lwn.net/Articles/973885/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3044

SRPMS

9/core

• libreoffice-7.6.7.2-1.mga9