| Revision Date: | 2019-09-18 | Version: | 1 |
| Title: | Security update for libreoffice (Moderate) |
| Description: |
This update for libreoffice fixes the following issues:
Updated to version 6.2.7.1.
Security issues fixed:
- CVE-2019-9849: Disabled fetching remote bullet graphics in 'stealth mode' (bsc#1141861). - CVE-2019-9848: Fixed an arbitrary script execution via LibreLogo (bsc#1141862). - CVE-2019-9851: Fixed LibreLogo global-event script execution issue (bsc#1146105). - CVE-2019-9852: Fixed insufficient URL encoding flaw in allowed script location check (bsc#1146107). - CVE-2019-9850: Fixed insufficient URL validation that allowed LibreLogo script execution (bsc#1146098). - CVE-2019-9854: Fixed unsafe URL assembly flaw (bsc#1149944). - CVE-2019-9855: Fixed path equivalence handling flaw (bsc#1149943)
Non-security issue fixed:
- SmartArt: Basic rendering of Trapezoid List (bsc#1133534).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1133534
1141861
1141862
1146098
1146105
1146107
1149943
1149944
CVE-2019-9848
CVE-2019-9849
CVE-2019-9850
CVE-2019-9851
CVE-2019-9852
CVE-2019-9854
CVE-2019-9855
SUSE-SU-2019:2402-1
|
| Platform(s): | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
| Product(s): | |