1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5252-1] libreoffice security update

    From Moritz Muehlenhoff@21:1/5 to All on Wed Oct 12 19:40:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5252-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 12, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libreoffice
    CVE ID : CVE-2022-3140

    It was discovered that insufficient validation of
    "vnd.libreoffice.command" URI schemes could result in the execution of arbitrary macro commands.

    For the stable distribution (bullseye), this problem has been fixed in
    version 1:7.0.4-4+deb11u4.

    We recommend that you upgrade your libreoffice packages.

    For the detailed security status of libreoffice please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/libreoffice

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNG+qAACgkQEMKTtsN8 Tja3uRAAkiNgui3BXi1QzYKs8IV7gWHqaGh2Yha+I0jksPzSPpIujCPo7p7EXSs8 Lm0y36dxT0rl3cokZtlNmDb0WgU7NVIgiu8+sI1jQuob1MT6vAN7BJUDOzzXxWUF 736lg9cJexJCOk+DHZq9oTW6bT0s+e+nAXixhsr4ZphrllMasbvm+LyB5hYRsyVx A3tR+Be7bwaflqRVLIYTozL3K6pXeQvcZp7BjEyxMwgZ01+A+h44CmG+fBnVbE87 dX0GHonx8N41eodaXRX0rUq8RESPSkKj7cuqopta3YQkQIwZ6ZxsN4rPSKidZXEl f+31/H3sw9ckhv8ShgpIpzdqZ0ehVoth0zDo+X/ZGEmFEsDHnt7GtSAyk5/w6Hw9 5gwMdQSlrWTHUGLw0ER9bHSXJYlhqUZ92WnCkHKsGYXkdoMpm2zXP3qZjXXkw2rg a3F9M61uOEYwNuKWpTCN3kfOUm8ym7DhyXqRkn2+1CQ3jpdqgXGK4/7NF3J224hA ARvnaYFo9JVCuRabznkWZJ1fI0+AjsEdya060X+TlkAX5JWHS5oJHrBOqbCugj3j 3dPKd1IFDkiN78dAsePpUo6m9UOEYV75vBkvKtyQ1nuexF9MOawycPbiEelwE3fk GnyVTdww4lX+pXAs+N8IBv+Ydw8SNAVDsy6sRxpzBTBwa3+Xnf0=
    =rIOZ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)