Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2018-3683-1.NASL
HistoryJan 02, 2019 - 12:00 a.m.

SUSE SLED15 / SLES15 Security Update : libepubgen, liblangtag, libmwaw, libnumbertext, libreoffice, libstaroffice, libwps, myspell-dictionaries, xmlsec1 (SUSE-SU-2018:3683-1)

2019-01-0200:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

This update for LibreOffice, libepubgen, liblangtag, libmwaw, libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1 fixes the following issues :

LibreOffice was updated to 6.1.3.2 (fate#326624) and contains new features and lots of bugfixes :

The full changelog can be found on :

https://wiki.documentfoundation.org/ReleaseNotes/6.1

Bugfixes :

bsc#1095639 Exporting to PPTX results in vertical labels being shown horizontally

bsc#1098891 Table in PPTX misplaced and partly blue

bsc#1088263 Labels in chart change (from white and other colors) to black when saving as PPTX

bsc#1095601 Exporting to PPTX shifts arrow shapes quite a bit

Add more translations :

  • Belarusian

  • Bodo

  • Dogri

  • Frisian

  • Gaelic

  • Paraguayan_Guaran

  • Upper_Sorbian

  • Konkani

  • Kashmiri

  • Luxembourgish

  • Monglolian

  • Manipuri

  • Burnese

  • Occitan

  • Kinyarwanda

  • Santali

  • Sanskrit

  • Sindhi

  • Sidamo

  • Tatar

  • Uzbek

  • Upper Sorbian

  • Venetian

  • Amharic

  • Asturian

  • Tibetian

  • Bosnian

  • English GB

  • English ZA

  • Indonesian

  • Icelandic

  • Georgian

  • Khmer

  • Lao

  • Macedonian

  • Nepali

  • Oromo

  • Albanian

  • Tajik

  • Uyghur

  • Vietnamese

  • Kurdish

Try to build all languages see bsc#1096360

Make sure to install the KDE5/Qt5 UI/filepicker

Try to implement safeguarding to avoid bsc#1050305

Disable base-drivers-mysql as it needs mysqlcppcon that is only for mysql and not mariadb, causes issues bsc#1094779

  • Users can still connect using jdbc/odbc

Fix java detection on machines with too many cpus

CVE-2018-10583: An information disclosure vulnerability occured when LibreOffice automatically processed and initiated an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. (bsc#1091606)

libepubgen was updated to 0.1.1: Avoid <div> inside or <span>.Avoid writin vertical-align attribute without a value.

Fix generation of invalid XHTML when there is a link starting at the beginning of a footnote.

Handle relative width for images.

Fixed layout: write chapter names to improve navigation.

Support writing mode.

Start a new HTML file at every page span in addition to the splits induced by the chosen split method. This is to ensure that specified writing mode works correctly, as it is HTML attribute.

liblangtag was updated to 0.6.2: use standard function

fix leak in test

libmwaw was updated to 0.3.14: Support MS Multiplan 1.1 files

libnumbertext was update to 1.0.5: Various fixes in numerical calculations and issues reported on libreoffice tracker

libstaroffice was updated to 0.0.6: retrieve some StarMath’s formula,

retrieve some charts as graphic,

retrieve some fields in sda/sdc/sdp text-boxes,

.sdw: retrieve more attachments.

libwps was updated to 0.4.9: QuattroPro: add parser to .wb3 files

Multiplan: add parser to DOS v1-v3 files

charts: try to retrieve charts in .wk*, .wq* files

QuattroPro: add parser to .wb[12] files

myspell-dictionaries was updated to 20181025: Turkish dictionary added

Updated French dictionary

xmlsec1 was updated to 1.2.26: Added xmlsec-mscng module based on Microsoft Cryptography API: Next Generation

Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST R 34.10-2001 in xmlsec-mscrypto

</span>

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:3683-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(120160);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/13");

  script_cve_id("CVE-2018-10583");

  script_name(english:"SUSE SLED15 / SLES15 Security Update : libepubgen, liblangtag, libmwaw, libnumbertext, libreoffice, libstaroffice, libwps, myspell-dictionaries, xmlsec1 (SUSE-SU-2018:3683-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update for LibreOffice, libepubgen, liblangtag, libmwaw,
libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1
fixes the following issues :

LibreOffice was updated to 6.1.3.2 (fate#326624) and contains new
features and lots of bugfixes :

The full changelog can be found on :

https://wiki.documentfoundation.org/ReleaseNotes/6.1

Bugfixes :

bsc#1095639 Exporting to PPTX results in vertical labels being shown
horizontally

bsc#1098891 Table in PPTX misplaced and partly blue

bsc#1088263 Labels in chart change (from white and other colors) to
black when saving as PPTX

bsc#1095601 Exporting to PPTX shifts arrow shapes quite a bit

Add more translations :

  - Belarusian

  - Bodo

  - Dogri

  - Frisian

  - Gaelic

  - Paraguayan_Guaran

  - Upper_Sorbian

  - Konkani

  - Kashmiri

  - Luxembourgish

  - Monglolian

  - Manipuri

  - Burnese

  - Occitan

  - Kinyarwanda

  - Santali

  - Sanskrit

  - Sindhi

  - Sidamo

  - Tatar

  - Uzbek

  - Upper Sorbian

  - Venetian

  - Amharic

  - Asturian

  - Tibetian

  - Bosnian

  - English GB

  - English ZA

  - Indonesian

  - Icelandic

  - Georgian

  - Khmer

  - Lao

  - Macedonian

  - Nepali

  - Oromo

  - Albanian

  - Tajik

  - Uyghur

  - Vietnamese

  - Kurdish

Try to build all languages see bsc#1096360

Make sure to install the KDE5/Qt5 UI/filepicker

Try to implement safeguarding to avoid bsc#1050305

Disable base-drivers-mysql as it needs mysqlcppcon that is only for
mysql and not mariadb, causes issues bsc#1094779

  - Users can still connect using jdbc/odbc

Fix java detection on machines with too many cpus

CVE-2018-10583: An information disclosure vulnerability occured when
LibreOffice automatically processed and initiated an SMB connection
embedded in a malicious file, as demonstrated by
xlink:href=file://192.168.0.2/test.jpg within an
office:document-content element in a .odt XML document. (bsc#1091606)

libepubgen was updated to 0.1.1: Avoid <div> inside or <span>.Avoid
writin vertical-align attribute without a value.

Fix generation of invalid XHTML when there is a link starting at the
beginning of a footnote.

Handle relative width for images.

Fixed layout: write chapter names to improve navigation.

Support writing mode.

Start a new HTML file at every page span in addition to the splits
induced by the chosen split method. This is to ensure that specified
writing mode works correctly, as it is HTML attribute.

liblangtag was updated to 0.6.2: use standard function

fix leak in test

libmwaw was updated to 0.3.14: Support MS Multiplan 1.1 files

libnumbertext was update to 1.0.5: Various fixes in numerical
calculations and issues reported on libreoffice tracker

libstaroffice was updated to 0.0.6: retrieve some StarMath's formula,

retrieve some charts as graphic,

retrieve some fields in sda/sdc/sdp text-boxes,

.sdw: retrieve more attachments.

libwps was updated to 0.4.9: QuattroPro: add parser to .wb3 files

Multiplan: add parser to DOS v1-v3 files

charts: try to retrieve charts in .wk*, .wq* files

QuattroPro: add parser to .wb[12] files

myspell-dictionaries was updated to 20181025: Turkish dictionary added

Updated French dictionary

xmlsec1 was updated to 1.2.26: Added xmlsec-mscng module based on
Microsoft Cryptography API: Next Generation

Added support for GOST 2012 and fixed CryptoPro CSP provider for GOST
R 34.10-2001 in xmlsec-mscrypto

</span>

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1050305"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1088263"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1091606"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1094779"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1095601"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1095639"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1096360"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1098891"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1104876"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://wiki.documentfoundation.org/ReleaseNotes/6.1"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-10583/"
  );
  # https://www.suse.com/support/update/announcement/2018/suse-su-20183683-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?b9eb9364"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 15:zypper in -t patch
SUSE-SLE-Product-WE-15-2018-2616=1

SUSE Linux Enterprise Module for Packagehub Subpackages 15:zypper in
-t patch SUSE-SLE-Module-Packagehub-Subpackages-15-2018-2616=1

SUSE Linux Enterprise Module for Open Buildservice Development Tools
15:zypper in -t patch
SUSE-SLE-Module-Development-Tools-OBS-15-2018-2616=1

SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch
SUSE-SLE-Module-Basesystem-15-2018-2616=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstaroffice-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstaroffice-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstaroffice-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstaroffice-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libstaroffice-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwps-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwps-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwps-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libwps-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxmlsec1-gcrypt1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxmlsec1-gcrypt1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxmlsec1-gnutls1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxmlsec1-gnutls1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxmlsec1-openssl1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libxmlsec1-openssl1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-dictionaries");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-lightproof-en");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-lightproof-hu_HU");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-lightproof-pt_BR");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-lightproof-ru_RU");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xmlsec1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xmlsec1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xmlsec1-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xmlsec1-gcrypt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xmlsec1-gnutls-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xmlsec1-openssl-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/05/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/11/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/02");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp);
if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-debuginfo-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-debugsource-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-devel-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-tools-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-tools-debuginfo-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libstaroffice-debuginfo-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libstaroffice-debugsource-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libstaroffice-devel-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libstaroffice-tools-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libstaroffice-tools-debuginfo-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libwps-debuginfo-0.4.9-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libwps-debugsource-0.4.9-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libwps-tools-0.4.9-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libwps-tools-debuginfo-0.4.9-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libxmlsec1-gcrypt1-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libxmlsec1-gcrypt1-debuginfo-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libxmlsec1-gnutls1-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libxmlsec1-gnutls1-debuginfo-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libxmlsec1-openssl1-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libxmlsec1-openssl1-debuginfo-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-dictionaries-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-lightproof-en-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-lightproof-hu_HU-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-lightproof-pt_BR-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-lightproof-ru_RU-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"xmlsec1-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"xmlsec1-debuginfo-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"xmlsec1-debugsource-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"xmlsec1-gcrypt-devel-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"xmlsec1-gnutls-devel-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"xmlsec1-openssl-devel-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-debuginfo-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-debugsource-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-devel-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-tools-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-tools-debuginfo-0.3.14-4.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libstaroffice-debuginfo-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libstaroffice-debugsource-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libstaroffice-devel-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libstaroffice-tools-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libstaroffice-tools-debuginfo-0.0.6-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libwps-debuginfo-0.4.9-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libwps-debugsource-0.4.9-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libwps-tools-0.4.9-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libwps-tools-debuginfo-0.4.9-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libxmlsec1-gcrypt1-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libxmlsec1-gcrypt1-debuginfo-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libxmlsec1-gnutls1-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libxmlsec1-gnutls1-debuginfo-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libxmlsec1-openssl1-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libxmlsec1-openssl1-debuginfo-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-dictionaries-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-lightproof-en-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-lightproof-hu_HU-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-lightproof-pt_BR-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-lightproof-ru_RU-20181025-3.6.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"xmlsec1-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"xmlsec1-debuginfo-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"xmlsec1-debugsource-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"xmlsec1-gcrypt-devel-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"xmlsec1-gnutls-devel-1.2.26-3.3.1")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"xmlsec1-openssl-devel-1.2.26-3.3.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libepubgen / liblangtag / libmwaw / libnumbertext / libreoffice / libstaroffice / libwps / myspell-dictionaries / xmlsec1");
}
VendorProductVersionCPE
novellsuse_linuxlibmwaw-debuginfop-cpe:/a:novell:suse_linux:libmwaw-debuginfo
novellsuse_linuxlibmwaw-debugsourcep-cpe:/a:novell:suse_linux:libmwaw-debugsource
novellsuse_linuxlibmwaw-develp-cpe:/a:novell:suse_linux:libmwaw-devel
novellsuse_linuxlibmwaw-toolsp-cpe:/a:novell:suse_linux:libmwaw-tools
novellsuse_linuxlibmwaw-tools-debuginfop-cpe:/a:novell:suse_linux:libmwaw-tools-debuginfo
novellsuse_linuxlibstaroffice-debuginfop-cpe:/a:novell:suse_linux:libstaroffice-debuginfo
novellsuse_linuxlibstaroffice-debugsourcep-cpe:/a:novell:suse_linux:libstaroffice-debugsource
novellsuse_linuxlibstaroffice-develp-cpe:/a:novell:suse_linux:libstaroffice-devel
novellsuse_linuxlibstaroffice-toolsp-cpe:/a:novell:suse_linux:libstaroffice-tools
novellsuse_linuxlibstaroffice-tools-debuginfop-cpe:/a:novell:suse_linux:libstaroffice-tools-debuginfo
Rows per page:
1-10 of 321

Related

ubuntucve 1
zdt 1
osv 1
openvas 12
nessus 16
suse 3
redhatcve 1
packetstorm 2
debiancve 1
fedora 3
prion 1
cve 1
kaspersky 1
cvelist 1
exploitdb 1
redhat 1
mageia 1
ubuntu 1
ubuntucve
ubuntucve
CVE-2018-10583
2018-05-01 00:00:00
zdt
zdt
LibreOffice / Open Office - .odt Information Disclosure Exploit
2018-05-02 00:00:00
osv
osv
CVE-2018-10583
2018-05-01 16:29:00
openvas
openvas
Apache OpenOffice Writer ODT file Information Disclosure Vulnerability (May 2018) - Windows
2018-05-07 00:00:00
openSUSE: Security Advisory for libreoffice (openSUSE-SU-2018:2532-1)
2018-08-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3683-1)
2021-06-09 00:00:00
nessus
nessus
openSUSE Security Update : LibreOffice and dependency libraries (openSUSE-2019-912)
2019-03-27 00:00:00
Fedora 28 : 1:libreoffice (2018-8d3f4d7b28)
2019-01-03 00:00:00
openSUSE Security Update : libreoffice (openSUSE-2019-642)
2019-03-27 00:00:00
suse
suse
Security update for libreoffice (moderate)
2018-08-28 03:10:18
Security update for LibreOffice and dependency libraries (moderate)
2018-11-17 00:08:58
Security update for libreoffice (moderate)
2018-08-28 03:08:00
redhatcve
redhatcve
CVE-2018-10583
2018-05-04 14:18:49
packetstorm
packetstorm
LibreOffice 6.0.3 / OpenOffice 4.1.5 Information Disclosure
2018-05-03 00:00:00
BigBlueButton 2.2.25 File Disclosure / Server-Side Request Forgery
2020-10-21 00:00:00
debiancve
debiancve
CVE-2018-10583
2018-05-01 16:29:00
fedora
fedora
[SECURITY] Fedora 28 Update: libreoffice-6.0.3.2-9.fc28
2018-05-11 21:15:43
[SECURITY] Fedora 28 Update: libreoffice-6.0.7.3-1.fc28
2019-02-08 02:31:05
[SECURITY] Fedora 27 Update: libreoffice-5.4.6.2-6.fc27
2018-05-13 20:18:24
prion
prion
Information disclosure
2018-05-01 16:29:00
cve
cve
CVE-2018-10583
2018-05-01 16:29:00
kaspersky
kaspersky
KLA11600 OSI vulnerability in LibreOffice
2018-05-24 00:00:00
cvelist
cvelist
CVE-2018-10583
2018-05-01 16:00:00
exploitdb
exploitdb
BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery
2020-11-18 00:00:00
redhat
redhat
(RHSA-2018:3054) Moderate: libreoffice security and bug fix update
2018-10-30 04:13:24
mageia
mageia
Updated libreoffice packages fix security vulnerabilities
2018-06-06 00:42:18
ubuntu
ubuntu
LibreOffice vulnerabilities
2019-02-06 00:00:00
JSON
Related for SUSE_SU-2018-3683-1.NASL
ubuntucve1zdt1osv1openvas12nessus16suse3redhatcve1packetstorm2debiancve1fedora3prion1cve1kaspersky1cvelist1exploitdb1redhat1mageia1ubuntu1