Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 555
Alerts This Week
Warning Icon 1 555

SUSE: 2018:2485-2 Moderate: Libreoffice Information Disclosure Fix

suse
Calendar Grey December 7, 2018
Dist Suse Esm H88
This patch resolves a vulnerability related to information disclosure within LibreOffice and also includes ten other corrections for SUSE software packages.
An update that solves one vulnerability and has 10 fixes is now available

Summary

This update for libreoffice to 6.0.5.2 fixes the following issues: Security issues fixed: - CVE-2018-10583: An information disclosure vulnerability occurs during automatic processing and initiating an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. (bsc#1091606) Non security issues fixed: - Bugfix: Table borders appear black in LibreOffice (while white in PowerPoint) (bsc#1088262) - Bugfix: LibreOffice extension 'Language Tool' fails after Tumbleweed update (bsc#1050305) - Bugfix: libreoffice-gnome can no longer be installed in parallel to libreoffice-gtk3 as there is a potential file conflict (bsc#1096673)

References

#1050305 #1088262 #1088263 #1091606 #1091772

#1092699 #1094359 #1095601 #1095639 #1096673

#1098891

Cross- CVE-2018-10583

Affected Products:

SUSE Linux Enterprise Workstation Extension 12-SP4

SUSE Linux Enterprise Software Development Kit 12-SP4

SUSE Linux Enterprise Desktop 12-SP4

https://www.suse.com/security/cve/CVE-2018-10583.html

https://bugzilla.suse.com/1050305

https://bugzilla.suse.com/1088262

https://bugzilla.suse.com/1088263

https://bugzilla.suse.com/1091606

https://bugzilla.suse.com/1091772

https://bugzilla.suse.com/1092699

https://bugzilla.suse.com/1094359

https://bugzilla.suse.com/1095601

https://bugzilla.suse.com/1095639

https://bugzilla.suse.com/1096673

https://bugzilla.suse.com/1098891

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:2485-2
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.