OVAL Reference oval:org.opensuse.security:def:125970

Oval Definition:

oval:org.opensuse.security:def:125970

Revision Date:	2019-09-18	Version:	1
Title:	Security update for libreoffice (Moderate)
Description:	This update for libreoffice to version 6.2.7.1 fixes the following issues: Security issues fixed: - CVE-2019-9849: Disabled fetching remote bullet graphics in 'stealth mode' (bsc#1141861). - CVE-2019-9848: Fixed an arbitrary script execution via LibreLogo (bsc#1141862). - CVE-2019-9851: Fixed LibreLogo global-event script execution issue (bsc#1146105). - CVE-2019-9852: Fixed insufficient URL encoding flaw in allowed script location check (bsc#1146107). - CVE-2019-9850: Fixed insufficient URL validation that allowed LibreLogo script execution (bsc#1146098). - CVE-2019-9854: Fixed unsafe URL assembly flaw (bsc#1149944). - CVE-2019-9855: Fixed path equivalence handling flaw (bsc#1149943) Non-security issue fixed: - SmartArt: Basic rendering of Trapezoid List (bsc#1133534)
Family:	unix	Class:	patch
Status:		Reference(s):	1133534 1141861 1141862 1146098 1146105 1146107 1149943 1149944 CVE-2019-9848 CVE-2019-9849 CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 CVE-2019-9854 CVE-2019-9855 SUSE-SU-2019:2401-1
Platform(s):	SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP4	Product(s):
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND libreoffice-sdk-6.2.7.1-43.56.3 is installed

BACK