(RHSA-2012:1135) Important: libreoffice security update

2012-08-0100:00:00

access.redhat.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.026 Low

EPSS

Percentile

89.1%

JSON

LibreOffice is an open source, community-developed office productivity
suite. It includes the key desktop applications, such as a word processor,
spreadsheet application, presentation manager, formula editor, and a
drawing program.

Multiple heap-based buffer overflow flaws were found in the way LibreOffice
processed encryption information in the manifest files of OpenDocument
Format files. An attacker could provide a specially-crafted OpenDocument
Format file that, when opened in a LibreOffice application, would cause the
application to crash or, potentially, execute arbitrary code with the
privileges of the user running the application. (CVE-2012-2665)

Upstream acknowledges Timo Warns as the original reporter of these issues.

All LibreOffice users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. All running
instances of LibreOffice applications must be restarted for this update to
take effect.

OSVersionArchitecturePackageVersionFilename
RedHat6s390xlibreoffice-wiki-publisher< 3.4.5.2-16.1.el6_3libreoffice-wiki-publisher-3.4.5.2-16.1.el6_3.s390x.rpm
RedHat6x86_64libreoffice-rhino< 3.4.5.2-16.1.el6_3libreoffice-rhino-3.4.5.2-16.1.el6_3.x86_64.rpm
RedHat6s390xlibreoffice-langpack-zh-hans< 3.4.5.2-16.1.el6_3libreoffice-langpack-zh-Hans-3.4.5.2-16.1.el6_3.s390x.rpm
RedHat6ppc64libreoffice-langpack-bg< 3.4.5.2-16.1.el6_3libreoffice-langpack-bg-3.4.5.2-16.1.el6_3.ppc64.rpm
RedHat6i686libreoffice-langpack-hi< 3.4.5.2-16.1.el6_3libreoffice-langpack-hi-3.4.5.2-16.1.el6_3.i686.rpm
RedHat6s390xlibreoffice-langpack-sv< 3.4.5.2-16.1.el6_3libreoffice-langpack-sv-3.4.5.2-16.1.el6_3.s390x.rpm
RedHat6i686libreoffice-langpack-ts< 3.4.5.2-16.1.el6_3libreoffice-langpack-ts-3.4.5.2-16.1.el6_3.i686.rpm
RedHat6noarchautocorr-lb< 3.4.5.2-16.1.el6_3autocorr-lb-3.4.5.2-16.1.el6_3.noarch.rpm
RedHat6i686libreoffice-langpack-zh-hant< 3.4.5.2-16.1.el6_3libreoffice-langpack-zh-Hant-3.4.5.2-16.1.el6_3.i686.rpm
RedHat6s390xlibreoffice-langpack-ve< 3.4.5.2-16.1.el6_3libreoffice-langpack-ve-3.4.5.2-16.1.el6_3.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	s390x	libreoffice-wiki-publisher	< 3.4.5.2-16.1.el6_3	libreoffice-wiki-publisher-3.4.5.2-16.1.el6_3.s390x.rpm
RedHat	6	x86_64	libreoffice-rhino	< 3.4.5.2-16.1.el6_3	libreoffice-rhino-3.4.5.2-16.1.el6_3.x86_64.rpm
RedHat	6	s390x	libreoffice-langpack-zh-hans	< 3.4.5.2-16.1.el6_3	libreoffice-langpack-zh-Hans-3.4.5.2-16.1.el6_3.s390x.rpm
RedHat	6	ppc64	libreoffice-langpack-bg	< 3.4.5.2-16.1.el6_3	libreoffice-langpack-bg-3.4.5.2-16.1.el6_3.ppc64.rpm
RedHat	6	i686	libreoffice-langpack-hi	< 3.4.5.2-16.1.el6_3	libreoffice-langpack-hi-3.4.5.2-16.1.el6_3.i686.rpm
RedHat	6	s390x	libreoffice-langpack-sv	< 3.4.5.2-16.1.el6_3	libreoffice-langpack-sv-3.4.5.2-16.1.el6_3.s390x.rpm
RedHat	6	i686	libreoffice-langpack-ts	< 3.4.5.2-16.1.el6_3	libreoffice-langpack-ts-3.4.5.2-16.1.el6_3.i686.rpm
RedHat	6	noarch	autocorr-lb	< 3.4.5.2-16.1.el6_3	autocorr-lb-3.4.5.2-16.1.el6_3.noarch.rpm
RedHat	6	i686	libreoffice-langpack-zh-hant	< 3.4.5.2-16.1.el6_3	libreoffice-langpack-zh-Hant-3.4.5.2-16.1.el6_3.i686.rpm
RedHat	6	s390x	libreoffice-langpack-ve	< 3.4.5.2-16.1.el6_3	libreoffice-langpack-ve-3.4.5.2-16.1.el6_3.s390x.rpm