Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

openSUSE Leap 15.1: 2019:2709-1 Moderate: LibreOffice Macro Bypass

opensuse
Calendar Grey December 31, 2019
Dist Opensuse Esm H88
Concerning a significant LibreOffice correction for openSUSE: 2019:2709-1 involving necessary software enhancements and fixes.
An update that solves one vulnerability and has three fixes is now available.

Description

This update libreoffice and libraries fixes the following issues:

LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and

stability fixes.

More information for the 6.3 release at:

https://wiki.documentfoundation.org/ReleaseNotes/6.3

Security issue fixed:

- CVE-2019-9853: Fixed an issue where by executing macros, the security

settings could have been bypassed (bsc#1152684).

Other issues addressed:

- Dropped disable-kde4 switch, since it is no longer known by configure

- Disabled gtk2 because it will be removed in future releases

- librelogo is now a standalone sub-package (bsc#1144522).

- Partial fixes for an issue where Table(s) from DOCX showed wrong

position or color (bsc#1061210).

cmis-client was updated to 0.5.2:

* Removed header for Uuid's sha1 header(bsc#1105173).

* Fixed Google Drive login

* Added support for Google Drive two-factor authentication

* Fixed access to SharePoint root folder

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate software update bug fix openSUSE LibreOffice macro bypass

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2709=1

Package List

- openSUSE Leap 15.1 (i586 x86_64):

myspell-dictionaries-20191016-lp151.2.6.1

myspell-lightproof-en-20191016-lp151.2.6.1

myspell-lightproof-hu_HU-20191016-lp151.2.6.1

myspell-lightproof-pt_BR-20191016-lp151.2.6.1

myspell-lightproof-ru_RU-20191016-lp151.2.6.1

- openSUSE Leap 15.1 (noarch):

libmwaw-devel-doc-0.3.15-lp151.2.3.1

libreoffice-branding-upstream-6.3.3.2-lp151.3.9.1

libreoffice-gdb-pretty-printers-6.3.3.2-lp151.3.9.1

libreoffice-glade-6.3.3.2-lp151.3.9.1

libreoffice-icon-themes-6.3.3.2-lp151.3.9.1

libreoffice-l10n-af-6.3.3.2-lp151.3.9.1

libreoffice-l10n-am-6.3.3.2-lp151.3.9.1

libreoffice-l10n-ar-6.3.3.2-lp151.3.9.1

libreoffice-l10n-as-6.3.3.2-lp151.3.9.1

libreoffice-l10n-ast-6.3.3.2-lp151.3.9.1

libreoffice-l10n-be-6.3.3.2-lp151.3.9.1

libreoffice-l10n-bg-6.3.3.2-lp151.3.9.1

libreoffice-l10n-bn-6.3.3.2-lp151.3.9.1

libreoffice-l10n-bn_IN-6.3.3.2-lp151.3.9.1

libreoffice-l10n-bo-6.3.3.2-lp151.3.9.1

libreoffice-l10n-br-6.3.3.2-lp151.3.9.1

libreoffice-l10n-brx-6.3.3.2-lp151.3.9.1

libreoffice-l10n-bs-6.3.3.2-...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2019-9853.html

https://bugzilla.suse.com/1061210

https://bugzilla.suse.com/1105173

https://bugzilla.suse.com/1144522

https://bugzilla.suse.com/1152684

--

Announcement ID: openSUSE-SU-2019:2709-1
Rating: moderate
Affected Products: openSUSE Leap 15.1 le.

Topics%20covered

Topics Covered

security advisory moderate software update bug fix openSUSE LibreOffice macro bypass

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here