Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

SUSE: 2018:2535-1 Moderate: LibreOffice Information Disclosure

suse
Calendar Grey August 28, 2018
Dist Suse Esm H88
SUSE Security Patch for LibreOffice resolves a data leak vulnerability. Refer to the announcement for comprehensive details and update guidance.
An update that solves one vulnerability and has 6 fixes is now available

Summary

This update for libreoffice to 6.0.5.2 fixes the following issues: Security issues fixed: - CVE-2018-10583: An information disclosure vulnerability occurs during automatic processing and initiating an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. (bsc#1091606) Non security issues fixed: - Bugfix: Table borders appear black in LibreOffice (while white in PowerPoint) (bsc#1088262) - Bugfix: LibreOffice extension 'Language Tool' fails after Tumbleweed update (bsc#1050305) - Bugfix: libreoffice-gnome can no longer be installed in parallel to libreoffice-gtk3 as there is a potential file conflict (bsc#1096673)

References

#1050305 #1088262 #1091606 #1091772 #1092699

#1094359 #1096673

Cross- CVE-2018-10583

Affected Products:

SUSE Linux Enterprise Workstation Extension 15

https://www.suse.com/security/cve/CVE-2018-10583.html

https://bugzilla.suse.com/1050305

https://bugzilla.suse.com/1088262

https://bugzilla.suse.com/1091606

https://bugzilla.suse.com/1091772

https://bugzilla.suse.com/1092699

https://bugzilla.suse.com/1094359

https://bugzilla.suse.com/1096673

Announcement ID: SUSE-SU-2018:2535-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.