SuSE 10 Security Update : LibreOffice (ZYPP Patch Number 8022)

2012-04-03T00:00:00
ID SUSE_LIBREOFFICE-345-8022.NASL
Type nessus
Reporter This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-01-19T00:00:00

Description

LibreOffice 3.4.5 includes many fixes over the previous LibreOffice 3.4.2.6 update.

The update fixes the following security issues :

  • 740453: Vulnerability in RDF handling. (CVE-2012-0037)

  • 752595: overflow in jpeg handling. (CVE-2012-1149)

  • 736146: buffer overflow in the build in icu copy (736146) This update also fixes the following non-security issues :

Extras :

  • add SUSE color palette (fate#312645) Filters :

  • crash when loading embedded elements. (bnc#693238)

  • crash when importing an empty paragraph (rh#667082)

  • more on bentConnectors. (bnc#736495)

  • wrong text color in smartArt. (bnc#746996)

  • reading of w:textbox contents. (bnc#693388)

  • textbox position and size DOCX import (fdo#45560)

  • RTF/DOCX import of transparent frames. (bnc#695479)

  • consecutive frames in RTF/DOCX import. (bnc#703032)

  • handling of frame properties in RTF import. (bnc#417818)

  • force imported XLSX active tab to be shown. (bnc#748198)

  • create TableManager for inside shapes. (bnc#747471, bnc#693238)

  • textboxes import with OLE objects inside. (bnc#747471, bnc#693238)

  • table style. (bnc#705991)

  • text rotation fixes. (bnc#734734)

  • crash in PPTX import. (bnc#706792)

  • read w:sdt* contents. (bnc#705949)

  • connector shape fixes. (bnc#719989)

  • legacy fragment import. (bnc#699334)

  • non-working Excel macros. (bnc#705977)

  • free drawn curves import. (bnc#657909)

  • group shape transformations. (bnc#621739)

  • extLst of drawings in diagrams import. (bnc#655408)

  • flip properties of custom shapes import. (bnc#705985)

  • line spacing is used from previous values. (bnc#734734)

  • missing ooxml customshape->mso shape name entries. (bnc#737921)

  • word doesn't break the numberings and prefers hiding them. (bnc#707157)

Base :

  • iterator misuse (fdo #44040, bnc#742178) Writer :

  • do not use an invalidated iterator (fdo#46337)

  • field refreshing (fdo#39694)

  • more layout crashers (i#101776, fdo#39510)

  • textbox borders style and width in DOCX import (fdo#45560)

  • expand all text fields when setting properties (fdo#42073)

  • version 3.4.5.3, tag suse-3.4.5.3 (SUSE LO 3.4.5-rc1)

  • SmartArt import

  • custom shapes import

  • Oracle Java 1.7.0 detection

  • reading AES-encrypted ODF 1.2 documents as generated by LO 3.5

  • frame selection. (bnc#740117)

  • crash when editing index. (bnc#726174)

  • order database properties. (bnc#740032)

  • numbering levels in DOC import. (bnc#715115)

  • image size issue in DOC import. (bnc#718971)

  • pointless forward moving of a table. (bnc#706138)

  • tabs set after the end margin in DOCX import. (bnc#693238)

  • add hyperlinks by default in Table of Contents (bnc#705956) Calc :

  • pie charts colors messed in XLS import (fdo#40320)

  • correctly import data point formats in data series (fdo#40320) Components :

  • crash when parsing XML signatures (fdo#39657)

  • broken getDataArray (fdo#46165, fdo#38441, i#117010)

  • don't paint a frame around the list of edit boxes (fdo#42543)

  • inconsistent compression method for encrypted documents. (bnc#653688)

  • allow pasting to multiple ranges. (bnc#715094)

  • correctly convert chart data ranges. (bnc#727504)

  • definedName corruption for XLSX export. (bnc#741182)

  • adjust/shrink the ranges while copying. (bnc#677811)

  • extra graph data is displayed for label. (bnc#717290)

  • getCellRangeByName failure for named range. (bnc#738113)

  • graph in XLS file has dates displayed wrong. (bnc#720443)

  • improve performance of large Excel documents. (bnc#715104)

  • display page background color/image properly. (bnc#722045)

  • pivot table output becoming empty on re-save. (bnc#715543)

  • encode virtual paths to local volume correctly. (bnc#719887)

  • avoid adjusting cell-anchored objects on other sheets. (bnc#726152)

  • make sure to adjust the sheet index of drawing objects. (bnc#733864)

  • make the data validation popup more reliable (fdo #36851, bnc#737190) Impress :

  • do not create an empty slide when printing handouts (fdo#31966)

  • undo corruption. (bnc#685123)

  • do not set duplicate master slide names (bnc#735533) Libraries :

  • default shortcut for .uno:SearchDialog should be Ctrl+H

  • crash using instances dialog of dataform navigator (fdo#44816)

  • disable problematic reading of external entities in raptor

  • correctly calculate leap year

  • use proper Indian Rupee currency symbol U+20B9 (rh#794679)

  • handle copy and paste from ConsoleOne. (bnc#704274)

  • VBA control events not working, broken eventattacher. (bnc#718227)

  • 'General Error' when double-click graphic in presentation. (bnc#720948)

  • upgrade graphite to 1.0.3 fix surrogate support

  • crash at exit. (bnc#728603)

  • radial gradient offset. (bnc#714787)

  • horizontal scrollbars with KDE oxygen style. (bnc#722918)

  • rendering of metafiles embedded in EMF+ (updated) (bnc#705956) Postprocess :

  • make the 3D transitions work again (bnc#728559) URE :

  • make Duden Korrektor 5 and 6 work General :

  • add compat symlinks for the old main desktop icon. (bnc#724087)

  • Fix tooltips are all black in KDE4 (bnc#723074, fdo#40461)

  • do-not-display-math-in-desktop-menu.diff: do not display math in desktop menu (fdo#41681)

  • desktop-submenu.diff: display LO application in the right desktop submenu. (bnc#718694)

  • bash-completion-for-loffice.diff: define bash completion for 'loffice' wrapper. (bnc#719656)

  • svx-globlmn-hrc-build-dep.diff: fix build dependency problem in svx

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(58577);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2011-4599", "CVE-2012-0037", "CVE-2012-1149");

  script_name(english:"SuSE 10 Security Update : LibreOffice (ZYPP Patch Number 8022)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"LibreOffice 3.4.5 includes many fixes over the previous LibreOffice
3.4.2.6 update.

The update fixes the following security issues :

  - 740453: Vulnerability in RDF handling. (CVE-2012-0037)

  - 752595: overflow in jpeg handling. (CVE-2012-1149)

  - 736146: buffer overflow in the build in icu copy
    (736146) This update also fixes the following
    non-security issues :

Extras :

  - add SUSE color palette (fate#312645) Filters :

  - crash when loading embedded elements. (bnc#693238)

  - crash when importing an empty paragraph (rh#667082)

  - more on bentConnectors. (bnc#736495)

  - wrong text color in smartArt. (bnc#746996)

  - reading of w:textbox contents. (bnc#693388)

  - textbox position and size DOCX import (fdo#45560)

  - RTF/DOCX import of transparent frames. (bnc#695479)

  - consecutive frames in RTF/DOCX import. (bnc#703032)

  - handling of frame properties in RTF import. (bnc#417818)

  - force imported XLSX active tab to be shown. (bnc#748198)

  - create TableManager for inside shapes. (bnc#747471,
    bnc#693238)

  - textboxes import with OLE objects inside. (bnc#747471,
    bnc#693238)

  - table style. (bnc#705991)

  - text rotation fixes. (bnc#734734)

  - crash in PPTX import. (bnc#706792)

  - read w:sdt* contents. (bnc#705949)

  - connector shape fixes. (bnc#719989)

  - legacy fragment import. (bnc#699334)

  - non-working Excel macros. (bnc#705977)

  - free drawn curves import. (bnc#657909)

  - group shape transformations. (bnc#621739)

  - extLst of drawings in diagrams import. (bnc#655408)

  - flip properties of custom shapes import. (bnc#705985)

  - line spacing is used from previous values. (bnc#734734)

  - missing ooxml customshape->mso shape name entries.
    (bnc#737921)

  - word doesn't break the numberings and prefers hiding
    them. (bnc#707157)

Base :

  - iterator misuse (fdo #44040, bnc#742178) Writer :

  - do not use an invalidated iterator (fdo#46337)

  - field refreshing (fdo#39694)

  - more layout crashers (i#101776, fdo#39510)

  - textbox borders style and width in DOCX import
    (fdo#45560)

  - expand all text fields when setting properties
    (fdo#42073)

  - version 3.4.5.3, tag suse-3.4.5.3 (SUSE LO 3.4.5-rc1)

  - SmartArt import

  - custom shapes import

  - Oracle Java 1.7.0 detection

  - reading AES-encrypted ODF 1.2 documents as generated by
    LO 3.5

  - frame selection. (bnc#740117)

  - crash when editing index. (bnc#726174)

  - order database properties. (bnc#740032)

  - numbering levels in DOC import. (bnc#715115)

  - image size issue in DOC import. (bnc#718971)

  - pointless forward moving of a table. (bnc#706138)

  - tabs set after the end margin in DOCX import.
    (bnc#693238)

  - add hyperlinks by default in Table of Contents
    (bnc#705956) Calc :

  - pie charts colors messed in XLS import (fdo#40320)

  - correctly import data point formats in data series
    (fdo#40320) Components :

  - crash when parsing XML signatures (fdo#39657)

  - broken getDataArray (fdo#46165, fdo#38441, i#117010)

  - don't paint a frame around the list of edit boxes
    (fdo#42543)

  - inconsistent compression method for encrypted documents.
    (bnc#653688)

  - allow pasting to multiple ranges. (bnc#715094)

  - correctly convert chart data ranges. (bnc#727504)

  - definedName corruption for XLSX export. (bnc#741182)

  - adjust/shrink the ranges while copying. (bnc#677811)

  - extra graph data is displayed for label. (bnc#717290)

  - getCellRangeByName failure for named range. (bnc#738113)

  - graph in XLS file has dates displayed wrong.
    (bnc#720443)

  - improve performance of large Excel documents.
    (bnc#715104)

  - display page background color/image properly.
    (bnc#722045)

  - pivot table output becoming empty on re-save.
    (bnc#715543)

  - encode virtual paths to local volume correctly.
    (bnc#719887)

  - avoid adjusting cell-anchored objects on other sheets.
    (bnc#726152)

  - make sure to adjust the sheet index of drawing objects.
    (bnc#733864)

  - make the data validation popup more reliable (fdo
    #36851, bnc#737190) Impress :

  - do not create an empty slide when printing handouts
    (fdo#31966)

  - undo corruption. (bnc#685123)

  - do not set duplicate master slide names (bnc#735533)
    Libraries :

  - default shortcut for .uno:SearchDialog should be Ctrl+H

  - crash using instances dialog of dataform navigator
    (fdo#44816)

  - disable problematic reading of external entities in
    raptor

  - correctly calculate leap year

  - use proper Indian Rupee currency symbol U+20B9
    (rh#794679)

  - handle copy and paste from ConsoleOne. (bnc#704274)

  - VBA control events not working, broken eventattacher.
    (bnc#718227)

  - 'General Error' when double-click graphic in
    presentation. (bnc#720948)

  - upgrade graphite to 1.0.3 fix surrogate support

  - crash at exit. (bnc#728603)

  - radial gradient offset. (bnc#714787)

  - horizontal scrollbars with KDE oxygen style.
    (bnc#722918)

  - rendering of metafiles embedded in EMF+ (updated)
    (bnc#705956) Postprocess :

  - make the 3D transitions work again (bnc#728559) URE :

  - make Duden Korrektor 5 and 6 work General :

  - add compat symlinks for the old main desktop icon.
    (bnc#724087)

  - Fix tooltips are all black in KDE4 (bnc#723074,
    fdo#40461)

  - do-not-display-math-in-desktop-menu.diff: do not display
    math in desktop menu (fdo#41681)

  - desktop-submenu.diff: display LO application in the
    right desktop submenu. (bnc#718694)

  - bash-completion-for-loffice.diff: define bash completion
    for 'loffice' wrapper. (bnc#719656)

  - svx-globlmn-hrc-build-dep.diff: fix build dependency
    problem in svx"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2011-4599.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-0037.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-1149.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 8022.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/06/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/03/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/03");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-af-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-ar-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-ca-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-cs-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-da-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-de-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-el-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-en-GB-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-es-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-fi-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-fr-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-galleries-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-gnome-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-gu-IN-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-hi-IN-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-hu-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-it-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-ja-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-kde-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-ko-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-mono-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-nb-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-nl-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-nn-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-pl-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-pt-BR-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-ru-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-sk-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-sv-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-xh-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-zh-CN-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-zh-TW-3.4.5.5-0.7.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"libreoffice-zu-3.4.5.5-0.7.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");