Security update for libreoffice (moderate)

2018-05-1700:07:31

lists.opensuse.org

0.016 Low

EPSS

Percentile

87.6%

JSON

This update for libreoffice to 6.0.4.2 fixes lots of bugs and also the
following issues:

Security issues fixed:

CVE-2018-10120: The SwCTBWrapper::Read function in
sw/source/filter/ww8/ww8toolbar.cxx did not validate a customizations
index, which allowed remote attackers to cause a denial of service
(heap-based buffer overflow with write access) or possibly have
unspecified other impact via a crafted document that contains a certain
Microsoft Word record. (bsc#1089706)
CVE-2018-10119: sot/source/sdstor/stgstrms.cxx used an incorrect integer
data type in the StgSmallStrm class, which allowed remote attackers to
cause a denial of service (use-after-free with write access) or possibly
have unspecified other impact via a crafted document that uses the
structured storage ole2 wrapper file format. (bsc#1089705)

Other issues fixed:

DOCX import: missing table background color
Bring back offline help per popular demand as lto saves space we could
use with it bsc#915996

This update was imported from the SUSE:SLE-12-SP3:Update update project.

OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.3noarchlibreoffice-l10n-kn< 6.0.4.2-21.1libreoffice-l10n-kn-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3noarchlibreoffice-l10n-ts< 6.0.4.2-21.1libreoffice-l10n-ts-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3noarchlibreoffice-l10n-sk< 6.0.4.2-21.1libreoffice-l10n-sk-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3noarchlibreoffice-l10n-el< 6.0.4.2-21.1libreoffice-l10n-el-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3noarchlibreoffice-l10n-lt< 6.0.4.2-21.1libreoffice-l10n-lt-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3noarchlibreoffice-l10n-kk< 6.0.4.2-21.1libreoffice-l10n-kk-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3noarchlibreoffice-l10n-gu< 6.0.4.2-21.1libreoffice-l10n-gu-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3noarchlibreoffice-l10n-uk< 6.0.4.2-21.1libreoffice-l10n-uk-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3noarchlibreoffice-l10n-pt_pt< 6.0.4.2-21.1libreoffice-l10n-pt_PT-6.0.4.2-21.1.noarch.rpm
openSUSE Leap42.3x86_64libreoffice-officebean-debuginfo< 6.0.4.2-21.1libreoffice-officebean-debuginfo-6.0.4.2-21.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	42.3	noarch	libreoffice-l10n-kn	< 6.0.4.2-21.1	libreoffice-l10n-kn-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	noarch	libreoffice-l10n-ts	< 6.0.4.2-21.1	libreoffice-l10n-ts-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	noarch	libreoffice-l10n-sk	< 6.0.4.2-21.1	libreoffice-l10n-sk-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	noarch	libreoffice-l10n-el	< 6.0.4.2-21.1	libreoffice-l10n-el-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	noarch	libreoffice-l10n-lt	< 6.0.4.2-21.1	libreoffice-l10n-lt-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	noarch	libreoffice-l10n-kk	< 6.0.4.2-21.1	libreoffice-l10n-kk-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	noarch	libreoffice-l10n-gu	< 6.0.4.2-21.1	libreoffice-l10n-gu-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	noarch	libreoffice-l10n-uk	< 6.0.4.2-21.1	libreoffice-l10n-uk-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	noarch	libreoffice-l10n-pt_pt	< 6.0.4.2-21.1	libreoffice-l10n-pt_PT-6.0.4.2-21.1.noarch.rpm
openSUSE Leap	42.3	x86_64	libreoffice-officebean-debuginfo	< 6.0.4.2-21.1	libreoffice-officebean-debuginfo-6.0.4.2-21.1.x86_64.rpm