tl;dr Upgrade to 7.6.7 or 24.2.3
---
CVE-2024-3044: Graphic on-click binding allows unchecked script
execution
Fixed in: LibreOffice 7.6.7/24.2.3
Description:
LibreOffice supports binding scripts to click events on graphics. In
affected version of LibreOffice there are scenarios where built-in
tl;dr Upgrade to 7.5.9 or 7.6.4
---
CVE-2023-6185: Improper input validation enabling arbitrary Gstreamer
pipeline injection
Fixed in: LibreOffice 7.5.9/7.6.3
Description:
LibreOffice supports embedded videos in file formats via platform
audio/video support. Typically under Linux this is via g
tl;dr: upgrade to LibreOffice >= 7.5.7 or >= 7.6.2
LibreOffice typically (unless provided by a Linux distribution)
contains a bundled copy of the 3rd party library, libwebp
CVE-2023-4863 was reported for libwebp < 1.3.2 so correspondingly
libweb was upgraded to 1.3.2 in the 7.5.7 and 7.6.2 releas
tl;dr: upgrade to LibreOffice >= 7.4.6 or >= 7.5.1
CVE-2023-1183 Arbitrary File Write in hsqldb 1.8.0
Fixed in: LibreOffice 7.4.6/7.5.1
Description:
LibreOffice supports embedded databases in its odb file format. The
most common format is hsqldb. LibreOffice typically contains a copy of
hsqldb
tl;dr: upgrade to LibreOffice >= 7.4.7 or >= 7.5.3
CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing
Fixed in: LibreOffice 7.4.6/7.5.1
Description:
In the affected versions of LibreOffice certain malformed spreadsheet
formulas, such as AGGREGATE, could be created with less parameters
tl;dr: upgrade to LibreOffice >= 7.2.6 or >= 7.3.1, (which was already
recommended)
https://www.libreoffice.org/about-us/security/advisories/CVE-2022-38745
CVE-2022-38745: Empty entry in Java class path risks arbitrary code
execution
Fixed in: LibreOffice 7.2.6/7.3.1
Description:
Most versions
tl;dr: Upgrade to 7.3.6 or 7.4.1
CVE-2022-3140: Macro URL arbitrary script execution
LibreOffice supports Office URI Schemes to enable browser integration
of LibreOffice with MS SharePoint server. An additional scheme
'vnd.libreoffice.command' specific to LibreOffice was added. In the
affected ve
tl:dr upgrade LibreOffice 7-2 to 7.2.7,
and/or upgrade LibreOffice 7-3 to 7.3.3
CVE-2022-26305 Execution of Untrusted Macros Due to Improper
Certificate Validation
Due to a poor mechanism for comparing the authors of certificates it
was possible to make a digitally signed document containing mac
tl:dr upgrade to LibreOffice 7-2 to 7.2.5
(or libreoffice 7.3.0)
LibreOffice supports digital signatures of ODF documents and macros
within documents, presenting visual aids that no alteration of the
document occurred since the last signing and that the signature is
valid.
The Network and Data Se
tl;dr: upgrade to 7.1.8 or 7.2.4
The install sets of LibreOffice as provided by TDF include a bundled
copy of Mozilla's NSS library. Before 7.1.8/7.2.4 the bundled NSS is
affected by:
CVE-2021-43527 Memory corruption via DER-encoded DSA and RSA-PSS
signatures
https://www.mozilla.org/en-US/securi
tl:dr upgrade to LibreOffice 7-0 to 7.0.6, libreoffice 7-1 to 7.1.2
(or libreoffice 7.2.0)
LibreOffice supports digital signatures of ODF documents and macros
within documents, presenting visual aids that no alteration of the
document occurred since the last signing and that the signature is
valid
tl;dr: macOS users should upgrade to 7.0.6 or 7.1.3
CVE-2021-25632: fileloc extension added to macOS executable denylist
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25632
--
To unsubscribe e-mail to: discuss+unsubscr...@documentfoundation.org
Problems? https://www.libreof
On Fri, 2021-04-16 at 12:04 +0200, William Gathoye (LibreOffice) wrote:
> On 15/04/2021 21:55, Caolán McNamara wrote:
> > [...]
> > In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the
> > 7-
> > 0 series in versions prior to 7.0.5
> > [...]
>
tl;dr: Windows users should upgrade to 7.0.5 or 7.1.2
LibreOffice has a feature where hyperlinks in a document can be
activated by CTRL+click. Under Windows the link can be passed to the
system ShellExecute function for handling. LibreOffice contains a
denylist of extensions that it blocks from pa
CVE-2020-12802 remote graphics contained in docx format retrieved in
'stealth mode'
If you are using the (off by default) setting to only allow documents
in "trusted location" to download remote resources then 6.4.4 fixes a
case in the .docx import path where that protection didn't apply.
CVE-202
CVE-2020-12801 Crash-recovered MSOffice encrypted documents defaulted
to not to using encryption on next save
If LibreOffice has an encrypted document open and crashes, that
document is auto-saved encrypted. On restart, LibreOffice offers to
restore the document and prompts for the password to dec
tl;dr: Ensure you are upgraded to at least 6.2.7 and 6.3.1
CVE-2019-9853: Insufficient URL decoding flaw in categorizing macro
location
LibreOffice documents can contain macros. The execution of those macros
is controlled by the document security settings, typically execution of
macros are
td;dr: Upgrade to 6.2.7 or 6.3.1
CVE-2019-9854 Unsafe URL assembly flaw in allowed script location check
Protection was added to address CVE-2019-9852, to avoid a directory
traversal attack where scripts in arbitrary locations on the file
system could be executed by employing a URL encoding attac
On Thu, 2019-08-15 at 21:28 +0200, Jean-Baptiste Faure wrote:
> Le 15/08/2019 à 12:52, Caolán McNamara a écrit :
> > tl;dr; Upgrade to >= 6.2.6 or >= 6.0.0.
>
> I guess you mean ... or >= 6.3.0
Yes, indeed, oops, 6.3.0. Advisory texts are correct, email here was
not.
-
tl;dr; Upgrade to >= 6.2.6 or >= 6.0.0.
There is a cluster of issues here.
CVE-2019-9850 Insufficient url validation allowing LibreLogo script
execution
There was a way to encode the script url that could bypass the fix of
CVE-2019-9848
https://www.libreoffice.org/about-us/security/advisor
On Fri, 2019-08-09 at 21:38 -0700, Derek Currie wrote:
> A further patch was supposed to be applied in version
> 6.3.4 this week.
> And yet there is no record in the release notes of that patch.
> Instead, there is an incorrect listing that CVE-2019-9848 was patched
> in v6.2.5.2, which has been pu
tl;dr: Upgrade to 6.2.5
CVE-2019-9848: LibreLogo arbitrary script execution
Prior to 6.2.5 it is possible to construct malicious documents which
can execute arbitrary python silently if the LibreLogo script is
installed. LibreLogo is installed by default in the binary builds of
LibreOffice provid
tl;dr: Upgrade to 6.1.6 or 6.2.3
CVE-2019-9847 Executable hyperlink targets executed unconditionally on
activation
Before 6.1.6/6.2.3 under Windows and macOS when processing a hyperlink
target explicitly activated by the user, as in you explicitly click on
a hyperlink in some LibreOffice applicat
CVE-2018-16858: Directory traversal flaw in script execution
tl;dr: Fixed in 6.0.7 and 6.1.3
LibreOffice has a feature where documents can specify that pre-
installed macros can be executed on various document events such as
mouse-over, etc.
Prior to 6.0.7/6.1.3 LibreOffice was vulnerable to a d
A CVE VE-2018-14939 was logged about a buffer overrun in our realpath
usage in function get_app_path. We contend there is no bug in
LibreOffice and no action is required
https://www.libreoffice.org/about-us/security/advisories/CVE-2018-14939
--
To unsubscribe e-mail to: discuss+unsubscr...@docum
CVE-2018-10583 was assigned for Information disclosure via SMB link
embedded in ODF document
A LibreOffice document with a linked image, which is on a samba share,
will cause LibreOffice to automatically initiate a samba connection to
retrieve the image. This is analogous to how opening HTML docum
TL;DR; Upgrade to >= 5.4.6 or >= 6.0.2
https://www.libreoffice.org/about-us/security/advisories/CVE-2018-10119
CVE-2018-10119 Use After Free in Structured Storage parser
Fixed in LibreOffice 5.4.5/6.0.1
LibreOffice before 5.4.5 and 6.x before 6.0.1 have a flaw in an edge
case in processing the s
tl/dr: upgrade to 5.4.5/6.0.1
CVE-2018-1055: Remote arbitrary file disclosure vulnerability via
WEBSERVICE formula
LibreOffice Calc supports a WEBSERVICE function to obtain data by URL.
Vulnerable versions of LibreOffice allow WEBSERVICE to take a local
file URL (e.g file://) which can be used to
Apache Openoffice has announced (https://www.openoffice.org/security/bu
lletin.html) the following four CVEs
CVE-2017-3157: Arbitrary file disclosure in Calc and Writer
This was earlier announced for LibreOffice as https://www.libreoffice.o
rg/about-us/security/advisories/CVE-2017-3157 as addres
CVE-2017-8358 was filed for a heap buffer overflow in the JPG reader.
For the sake of clarity this specific bug was present from the 15th of
March 2017 to the 17th of March 2017 and was never included in any
release.
--
To unsubscribe e-mail to: discuss+unsubscr...@documentfoundation.org
Problems
tl;dr: All users are recommended to upgrade to LibreOffice >= 5.2.5 or
>= 5.3.0.
Recently 4 CVEs were filed for LibreOffice, namely...
CVE-2016-10327 Heap-buffer-overflow in EMF filter
CVE-2017-7856 Heap-buffer-overflow in WMF filter
CVE-2017-7882 Heap-buffer-overflow in HWP filter
CVE-2017-787
Fixed in LibreOffice 5.1.6/5.2.2/5.3.0
---
CVE-2017-3157 Arbitrary file disclosure in Calc and Writer
http://www.libreoffice.org/about-us/security/advisories/CVE-2017-3157
Embedded Objects in writer and calc can contain previews of their
content. A document can be crafted which contains an embedd
Parsing the Rich Text Format character style index was insufficiently
checked for validity. Documents can be constructed which dereference an
iterator to the first entry of an empty STL container.
All users are recommended to upgrade to LibreOffice >= 5.1.4
Thanks to the researchers working with
We had a set of lwp filter parsing issues.
CVE-2016-0795 LotusWordPro Bounds overflows in LwpTocSuperLayout
processing
This is fixed in 5.0.5 and 5.1.0
CVE-2016-0794 LotusWordPro Multiple bounds overflows in lwp filter
There was a bunch more which got fixed earlier in 5.0.4 and 5.1.0
Thanks to
On Sun, 2015-11-08 at 23:23 +0100, Rene Engelhard wrote:
> I did some research today based on the commit messages - and when I
> am not mistaken
> most of them are fixed in 5.0.0 but CVE-2015-5214 is fixed only in
> 5.0.1.
> (But still long before 5.0.3)
Yeah, rene's right. 5.0.1 is the oldest 5.0
Bottom Line: ensure you are upgraded to at least 4.4.6 or 5.0.0
Fixed in LibreOffice 4.4.6/5.0.0
CVE-2015-5214 DOC Bookmark Status Memory Corruption
http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
Fixed in LibreOffice 4.4.5/5.0.0
CVE-2015-4551 Arbitrary file disclosure in
On Sun, 2014-07-13 at 17:19 +0200, penttila wrote:
> Hi, A new Hunspell version (1.3.3) is out since 2014 Jun 2, after more
> than three years of development containing several bug fixes.
> (http://hunspell.sourceforge.net)Will this new version be inluded in
> the upcomming LibreOffice 4.3?
I ca
A bit slow announcing this one personally, though its been out on the
wires for distributions and other sources for a few weeks now.
LibreOffice 4.2.5 fixes a bug that crept into 4.1.4 onwards where the
vba macros in Microsoft Office documents loaded into LibreOffice would
effectively ignore the m
On Thu, 2014-03-20 at 20:28 -0400, Kracked_P_P---webmaster wrote:
> On 03/20/2014 12:20 PM, Caolán McNamara wrote:
> > A bit slow announcing this one, the bundled python in 4.1.4 and earlier
> > has some various potential security flaws which are fixed in a later
> > version
A bit slow announcing this one, the bundled python in 4.1.4 and earlier
has some various potential security flaws which are fixed in a later
version of python. So we now bundle that later version of python since
4.1.5. It's recommended to use that version of LibreOffice (unless you
get your LibreOf
Apache OpenOffice has announced the details of CVE-2013-2189 and
CVE-2013-4156 as they affect Apache OpenOffice, i.e.
CVE-2013-2189: CVE-2013-2189: OpenOffice DOC Memory Corruption
Vulnerability
http://permalink.gmane.org/gmane.comp.apache.maven.announce/1503
CVE-2013-4156: OpenOffice DOCM Memory
CVE-2012-4233: Multiple file format denial of service vulnerabilities
Fixed in: LibreOffice 3.5.7/3.6.1
Thanks to High-Tech Bridge for reporting these flaws. Users are
recommended to upgrade to 3.5.7 or 3.6.1 to avoid these flaws
There are fairly mild denial of service (libreoffice just crashes r
https://www.libreoffice.org/advisories/
CVE-2012-2665 Multiple heap-based buffer overflows in the XML manifest
encryption handling code
Multiple heap-based buffer overflow flaws were found in the XML
manifest encryption tag parsing code of LibreOffice. An attacker could
create a specially-crafted
On Wed, 2012-05-16 at 12:29 -0700, NoOp wrote:
> Any idea if 3.5.3 also addresses this one that also came out today?
> http://www.openoffice.org/security/cves/CVE-2012-2149.html
This is actually "libwpd", which gets bundled into non-distro builds.
The advisory relates to a very old version of libw
https://www.libreoffice.org/advisories/
CVE-2012-1149 Integer overflows in graphic object loading
An integer overflow vulnerability in LibreOffice graphic loading code
could allow a remote attacker to cause a denial of service (application
crash) or potentially execute arbitrary code on vulnerabl
On Tue, 2011-12-13 at 15:44 -0800, gptscorp wrote:
> Hello,
>
> I have followed the instructions on
> http://www.libreoffice.org/get-involved/developers/ several times and get
> all types of quirky messages, and no matter what I do the build do succeed.
> What am I doing wrong? In help/suggestio
ut both as a fulltime developer on the project and as a
representative of a growing number of LibreOffice developers at Red Hat,
I believe I can help provide a helpful balance of interests in the
board.
Full Name & email: Caolán McNamara
Cooperate Affiliation: Red Hat, Inc.
C.
-
ut both as a fulltime developer on the project and as a
representative of a growing number of LibreOffice developers at Red Hat,
I believe I can help provide a helpful balance of interests in the
board.
Full Name & email: Caolán McNamara
Cooperate Affiliation: Red Hat, Inc.
C.
-
On Wed, 2011-09-14 at 16:23 +0200, Carlo Strata wrote:
> If there is a code that we can point to (and that we'll have to get to
> improve quality and interoperability) this is surely that of all Lotus
> native read/write filters!!! Of course! :-) ;-)
The irony is that AOOo doesn't actually have
On Tue, 2011-09-13 at 22:09 -0500, J.B. Nicholson-Owens wrote:
> Caolán McNamara wrote:
> > We don't have a lot of these document for testing. Two actually :-),
>
> If one wanted to learn about the format of Lotus Wordpro files, where
> would one go to get specification
On Wed, 2011-08-31 at 11:06 -0400, subs wrote:
> On 8/31/2011 10:54 AM, Caolán McNamara wrote:
> >
> > We don't have a lot of these document for testing. Two actually :-),
> > Sent this early.
> >
> > http://cgit.freedesktop.org/libreoffice/core/plain/lot
On Mon, 2011-08-29 at 12:55 -0400, Terrence Enger wrote:
> On Mon, 2011-08-29 at 09:00 +0100, Caolán McNamara wrote:
> > On Sun, 2011-08-28 at 07:34 -0400, Terrence Enger wrote:
> > > The remaining questions are ... Does anybody else share the
> > > problem of the
On Wed, 2011-08-31 at 15:51 +0100, Caolán McNamara wrote:
> On Wed, 2011-08-31 at 08:23 -0400, libo wrote:
> > Is anyone able to open Lotus Wordpro files in any Version 3.4?
> > 3.4.2 would generated a i/o error and 3.4.3 give me a blank file.
>
>
> We don't hav
On Wed, 2011-08-31 at 08:23 -0400, libo wrote:
> Is anyone able to open Lotus Wordpro files in any Version 3.4?
> 3.4.2 would generated a i/o error and 3.4.3 give me a blank file.
We don't have a lot of these document for testing. Two actually :-),
--
Unsubscribe instructions: E-mail to disc
On Sun, 2011-08-28 at 08:29 -0400, Terrence Enger wrote:
> Hello, all.
>
> Now that my system holds more than one build from master, my
> small mind is even more subject to confusion than it used to
> be. So, I wonder ...
>
> (*) Is there an easy way to display the build id of
> soffice.bin
On Sun, 2011-08-28 at 07:34 -0400, Terrence Enger wrote:
> The remaining questions are ... Does anybody else share the
> problem of the ineffective "MacroSecurity..." button?
No, works fine here.
> Does anybody care?
Sure, but it works for me.
C.
--
Unsubscribe instructions: E-mail to discu
On Wed, 2011-06-22 at 14:18 +0200, Fernand Vanrie wrote:
> So please can someone make this small change in the API
You *might* get some change out of the com.sun.star.mail.MailMessage
service which implements XMailMessage which has a (horribly-complex)
route to set the body of the email.
(com.su
Wasn't subscribed to this list earlier, so I'll just hijack the first
mail from the copyright thread to reply to to state my own opinion on
copyright assignments.
So, I'm not a huge fan of them and believe they put contributors off.
None of the various projects I've contributed to outside of
OpenO
58 matches
Mail list logo
