CentOS ProjectCESA-2016:2579autocorr, libcmis, libpagemaker, libreoffice, mdds security update
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.021 Low
EPSS
Percentile
89.0%
CentOS Errata and Security Advisory CESA-2016:2579
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.
The following packages have been upgraded to a newer upstream version: libreoffice (5.0.6.2). (BZ#1290148)
Security Fix(es):
- Multiple flaws were found in the Lotus Word Pro (LWP) document format parser in LibreOffice. By tricking a user into opening a specially crafted LWP document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file. (CVE-2016-0794, CVE-2016-0795)
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2016-November/029549.html
https://lists.centos.org/pipermail/centos-cr-announce/2016-November/029580.html
https://lists.centos.org/pipermail/centos-cr-announce/2016-November/029617.html
https://lists.centos.org/pipermail/centos-cr-announce/2016-November/029676.html
https://lists.centos.org/pipermail/centos-cr-announce/2016-November/036576.html
Affected packages:
autocorr-af
autocorr-bg
autocorr-ca
autocorr-cs
autocorr-da
autocorr-de
autocorr-en
autocorr-es
autocorr-fa
autocorr-fi
autocorr-fr
autocorr-ga
autocorr-hr
autocorr-hu
autocorr-is
autocorr-it
autocorr-ja
autocorr-ko
autocorr-lb
autocorr-lt
autocorr-mn
autocorr-nl
autocorr-pl
autocorr-pt
autocorr-ro
autocorr-ru
autocorr-sk
autocorr-sl
autocorr-sr
autocorr-sv
autocorr-tr
autocorr-vi
autocorr-zh
libcmis
libcmis-devel
libcmis-tools
libpagemaker
libpagemaker-devel
libpagemaker-doc
libpagemaker-tools
libreoffice
libreoffice-base
libreoffice-bsh
libreoffice-calc
libreoffice-core
libreoffice-draw
libreoffice-emailmerge
libreoffice-filters
libreoffice-gdb-debug-support
libreoffice-glade
libreoffice-graphicfilter
libreoffice-impress
libreoffice-langpack-af
libreoffice-langpack-ar
libreoffice-langpack-as
libreoffice-langpack-bg
libreoffice-langpack-bn
libreoffice-langpack-br
libreoffice-langpack-ca
libreoffice-langpack-cs
libreoffice-langpack-cy
libreoffice-langpack-da
libreoffice-langpack-de
libreoffice-langpack-dz
libreoffice-langpack-el
libreoffice-langpack-en
libreoffice-langpack-es
libreoffice-langpack-et
libreoffice-langpack-eu
libreoffice-langpack-fa
libreoffice-langpack-fi
libreoffice-langpack-fr
libreoffice-langpack-ga
libreoffice-langpack-gl
libreoffice-langpack-gu
libreoffice-langpack-he
libreoffice-langpack-hi
libreoffice-langpack-hr
libreoffice-langpack-hu
libreoffice-langpack-it
libreoffice-langpack-ja
libreoffice-langpack-kk
libreoffice-langpack-kn
libreoffice-langpack-ko
libreoffice-langpack-lt
libreoffice-langpack-lv
libreoffice-langpack-mai
libreoffice-langpack-ml
libreoffice-langpack-mr
libreoffice-langpack-nb
libreoffice-langpack-nl
libreoffice-langpack-nn
libreoffice-langpack-nr
libreoffice-langpack-nso
libreoffice-langpack-or
libreoffice-langpack-pa
libreoffice-langpack-pl
libreoffice-langpack-pt-BR
libreoffice-langpack-pt-PT
libreoffice-langpack-ro
libreoffice-langpack-ru
libreoffice-langpack-si
libreoffice-langpack-sk
libreoffice-langpack-sl
libreoffice-langpack-sr
libreoffice-langpack-ss
libreoffice-langpack-st
libreoffice-langpack-sv
libreoffice-langpack-ta
libreoffice-langpack-te
libreoffice-langpack-th
libreoffice-langpack-tn
libreoffice-langpack-tr
libreoffice-langpack-ts
libreoffice-langpack-uk
libreoffice-langpack-ve
libreoffice-langpack-xh
libreoffice-langpack-zh-Hans
libreoffice-langpack-zh-Hant
libreoffice-langpack-zu
libreoffice-librelogo
libreoffice-math
libreoffice-nlpsolver
libreoffice-officebean
libreoffice-ogltrans
libreoffice-opensymbol-fonts
libreoffice-pdfimport
libreoffice-postgresql
libreoffice-pyuno
libreoffice-rhino
libreoffice-sdk
libreoffice-sdk-doc
libreoffice-ure
libreoffice-wiki-publisher
libreoffice-writer
libreoffice-xsltfilter
mdds-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2016:2579
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 7 | i686 | libcmis | < 0.5.1-2.el7 | libcmis-0.5.1-2.el7.i686.rpm |
| CentOS | 7 | x86_64 | libcmis | < 0.5.1-2.el7 | libcmis-0.5.1-2.el7.x86_64.rpm |
| CentOS | 7 | i686 | libcmis-devel | < 0.5.1-2.el7 | libcmis-devel-0.5.1-2.el7.i686.rpm |
| CentOS | 7 | x86_64 | libcmis-devel | < 0.5.1-2.el7 | libcmis-devel-0.5.1-2.el7.x86_64.rpm |
| CentOS | 7 | x86_64 | libcmis-tools | < 0.5.1-2.el7 | libcmis-tools-0.5.1-2.el7.x86_64.rpm |
| CentOS | 7 | i686 | libpagemaker | < 0.0.3-1.el7 | libpagemaker-0.0.3-1.el7.i686.rpm |
| CentOS | 7 | x86_64 | libpagemaker | < 0.0.3-1.el7 | libpagemaker-0.0.3-1.el7.x86_64.rpm |
| CentOS | 7 | i686 | libpagemaker-devel | < 0.0.3-1.el7 | libpagemaker-devel-0.0.3-1.el7.i686.rpm |
| CentOS | 7 | x86_64 | libpagemaker-devel | < 0.0.3-1.el7 | libpagemaker-devel-0.0.3-1.el7.x86_64.rpm |
| CentOS | 7 | noarch | libpagemaker-doc | < 0.0.3-1.el7 | libpagemaker-doc-0.0.3-1.el7.noarch.rpm |
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.021 Low
EPSS
Percentile
89.0%