Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 506
Alerts This Week
Warning Icon 1 506

Ubuntu 20.04 LTS: 5661-1 Critical: LibreOffice Macro Execution Risk

ubuntu
Calendar Grey October 6, 2022
Dist Ubuntu Esm H88
Numerous vulnerabilities addressed in LibreOffice on Ubuntu, bolstering protective measures against possible intrusions.
Several security issues were fixed in LibreOffice.

Summary

Several security issues were fixed in LibreOffice.

Software Description:

- libreoffice: Office productivity suite

Details:

It was discovered that LibreOffice incorrectly validated macro signatures.

If a user were tricked into opening a specially crafted document, a remote

attacker could possibly use this issue to execute arbitrary macros.

(CVE-2022-26305)

It was discovered that Libreoffice incorrectly handled encrypting the

master key provided by the user for storing passwords for web connections.

A local attacker could possibly use this issue to obtain access to

passwords stored in the user's configuration data. (CVE-2022-26306,

CVE-2022-26307)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  libreoffice                     1:6.4.7-0ubuntu0.20.04.5

In general, a standard system update will make all the necessary changes.

References

CVE-2022-26305, CVE-2022-26306, CVE-2022-26307

Severity
critical
Lowest
Low
Medium
High
Critical

October 06, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.