
[SECURITY] [DLA 3703-1] libreoffice security update




-------------------------------------------------------------------------
Debian LTS Advisory DLA-3703-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Bastien Roucariès
December 31, 2023                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : libreoffice
Version        : 1:6.1.5-3+deb10u11
CVE ID         : CVE-2020-12801 CVE-2020-12802 CVE-2020-12803 CVE-2023-6185 
                 CVE-2023-6186

Multiple vulnerabilities have been discovered in LibreOffice, an
office productivity software suite:

CVE-2020-12801

    If LibreOffice has an encrypted document
    open and crashes, that document is auto-saved encrypted.
    On restart, LibreOffice offers to restore the document
    and prompts for the password to decrypt it. If the recovery
    is successful, and if the file format of the recovered document
    was not LibreOffice's default ODF file format, then affected versions
    of LibreOffice default that subsequent saves of the document
    are unencrypted. This may lead to a user accidentally saving
    a MSOffice file format document unencrypted while believing
    it to be encrypted.

CVE-2020-12802

    LibreOffice has a 'stealth mode' in which only
    documents from locations deemed 'trusted' are allowed to
    retrieve remote resources. This mode is not the default mode,
    but can be enabled by users who want to disable LibreOffice's ability
    to include remote resources within a document. A flaw existed
    where remote graphic links loaded from docx documents were omitted
    from this protection.

CVE-2020-12803

    ODF documents can contain forms to be
    filled out by the user. Similar to HTML forms, the contained
    form data can be submitted to a URI, for example, to an external
    web server. To create submittable forms, ODF implements the
    XForms W3C standard, which allows data to be submitted without
    the need for macros or other active scripting. LibreOffice allowed
    forms to be submitted to any URI, including file: URIs, enabling
    form submissions to overwrite local files. User-interaction
    is required to submit the form, but to avoid the possibility
    of malicious documents engineered to maximize the possibility of
    inadvertent user submission this feature has now been limited to
    http[s] URIs, removing the possibility to overwrite local files.
CVE-2023-6185

    An Improper Input Validation vulnerability was found in the
    GStreamer integration of The Document Foundation's LibreOffice
    that allows an attacker to execute arbitrary GStreamer plugins.
    In affected versions the filename of the embedded video is not
    sufficiently escaped when passed to GStreamer, enabling an
    attacker to run arbitrary GStreamer plugins depending on which
    plugins are installed on the target system.

CVE-2023-6186

    LibreOffice supports hyperlinks.
    In addition to the typical common protocols such as
    http/https hyperlinks can also have target URLs that
    can launch built-in macros or dispatch built-in
    internal commands. In affected version of LibreOffice
    there are scenarios where these can be executed without warning
    if the user activates such hyperlinks. In later versions
    the users's explicit macro execution permissions
    for the document are now consulted if these non-typical
    hyperlinks can be executed. The possibility to use these
    variants of hyperlink targets for floating frames has been removed.

For Debian 10 buster, these problems have been fixed in version
1:6.1.5-3+deb10u11.
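As an added example (not part of the advisory), the following Python check compares an installed libreoffice package version against the fixed version above using Debian's version-ordering rules: epoch first, then upstream version and Debian revision compared as alternating non-digit and numeric runs, with '~' sorting before everything, as dpkg does. The sample installed versions are constructed; on a real host the value comes from dpkg-query.

```python
import itertools
import re

# Fixed version named in DLA-3703-1 for Debian 10 buster
FIXED_VERSION = "1:6.1.5-3+deb10u11"

def _order(c):
    """dpkg character ordering: '~' < end-of-string or digit < letters < other."""
    if c == "~":
        return -1
    if not c or c.isdigit():
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _verrevcmp(a, b):
    """Compare upstream or revision strings as dpkg does: alternate non-digit
    runs (character ordering above) with digit runs (compared numerically)."""
    pairs_a = re.findall(r"(\D*)(\d*)", a)
    pairs_b = re.findall(r"(\D*)(\d*)", b)
    for (sa, na), (sb, nb) in itertools.zip_longest(pairs_a, pairs_b, fillvalue=("", "")):
        for ca, cb in itertools.zip_longest(sa, sb, fillvalue=""):
            if _order(ca) != _order(cb):
                return _order(ca) - _order(cb)
        if int(na or 0) != int(nb or 0):
            return int(na or 0) - int(nb or 0)
    return 0

def parse_version(v):
    """Split '[epoch:]upstream[-revision]' into (epoch, upstream, revision)."""
    epoch, _, rest = v.partition(":") if ":" in v else ("0", "", v)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def compare_versions(a, b):
    """Negative if a < b, 0 if equal, positive if a > b, in Debian ordering."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    return (ea - eb) or _verrevcmp(ua, ub) or _verrevcmp(ra, rb)

def is_fixed(installed, fixed=FIXED_VERSION):
    """True when the installed version is at or above the advisory's fixed version."""
    return compare_versions(installed, fixed) >= 0

if __name__ == "__main__":
    # On a real host: dpkg-query -W -f='${Version}' libreoffice
    for v in ["1:6.1.5-3+deb10u10", "1:6.1.5-3+deb10u11"]:  # constructed samples
        print(v, "fixed" if is_fixed(v) else "VULNERABLE, upgrade")
```

`dpkg --compare-versions` is the canonical tool for this comparison; the reimplementation here is for hosts or inventories where dpkg is not at hand.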

We recommend that you upgrade your libreoffice packages.

For the detailed security status of libreoffice please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libreoffice

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
