Vulnerability CVE-2019-9854

Vulnerability Name:

CVE-2019-9854 (CCN-166663)

Assigned:

2019-09-06

Published:

2019-09-06

Updated:

2020-08-24

Summary:

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice install. Protection was added, to address CVE-2019-9852, to avoid a directory traversal attack where scripts in arbitrary locations on the file system could be executed by employing a URL encoding attack to defeat the path verification step. However this protection could be bypassed by taking advantage of a flaw in how LibreOffice assembled the final script URL location directly from components of the passed in path as opposed to solely from the sanitized output of the path verification step. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.8 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-22
CWE-284

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2019-9854

Source: SUSE
Type: Third Party Advisory
openSUSE-SU-2019:2183

Source: SUSE
Type: Third Party Advisory
openSUSE-SU-2019:2361

Source: MISC
Type: Third Party Advisory
MISC

Source: XF
Type: UNKNOWN
liberoffice-cve20199854-code-exec(166663)

Source: MLIST
Type: Third Party Advisory
[debian-lts-announce] 20191006 [SECURITY] [DLA 1947-1] libreoffice security update

Source: FEDORA
Type: Third Party Advisory
FEDORA-2019-9627e1402e

Source: BUGTRAQ
Type: Mailing List, Third Party Advisory
20190910 [SECURITY] [DSA 4519-1] libreoffice security update

Source: UBUNTU
Type: Third Party Advisory
USN-4138-1

Source: DEBIAN
Type: Third Party Advisory
DSA-4519

Source: CCN
Type: LibreOffice Web site
CVE-2019-9854

Source: CONFIRM
Type: Vendor Advisory
https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/

Vulnerable Configuration:

Configuration 1:

cpe:/a:libreoffice:libreoffice:*:*:*:*:*:*:*:* (Version >= 6.2.0 and < 6.2.7)

OR cpe:/a:libreoffice:libreoffice:*:*:*:*:*:*:*:* (Version >= 6.3.0 and < 6.3.1)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:29:*:*:*:*:*:*:*

OR cpe:/o:opensuse:leap:15.0:*:*:*:*:*:*:*

OR cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 5:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 6:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 7:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:libreoffice:libreoffice:6.2:*:*:*:*:*:*:*

OR cpe:/a:libreoffice:libreoffice:6.3.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:51980	P	Security update for sudo (Important)	2023-01-20
oval:org.opensuse.security:def:20199854	V	CVE-2019-9854	2022-09-02
oval:org.opensuse.security:def:4668	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (Important)	2022-08-10
oval:org.opensuse.security:def:679	P	Security update for buildah (Moderate)	2022-08-05
oval:org.opensuse.security:def:4648	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP5) (Important)	2022-07-19
oval:org.opensuse.security:def:4640	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2022-07-06
oval:org.opensuse.security:def:3535	P	java-1_8_0-openjdk-1.8.0.222-27.35.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3547	P	libIlmImf-Imf_2_1-21-2.1.0-6.13.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3584	P	libdcerpc-binding0-32bit-4.10.5+git.129.35f7bb6e177-1.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:2881	P	btrfsmaintenance-0.4.2-3.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2897	P	cron-4.2-150400.82.21 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2895	P	cpp7-7.5.0+r278197-4.30.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2857	P	Mesa-21.2.4-150400.66.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2887	P	chrony-4.1-150400.19.4 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95214	P	libreoffice-7.2.5.1-150300.14.22.18.3 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:4708	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)	2022-03-29
oval:org.opensuse.security:def:4680	P	Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP5) (Critical)	2022-02-16
oval:org.opensuse.security:def:4688	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP5) (Critical)	2022-02-16
oval:org.opensuse.security:def:1805	P	Security update for the Linux Kernel (Important)	2022-01-26
oval:org.opensuse.security:def:112807	P	libreoffice-7.1.5.2-3.13 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10708	P	Security update for gegl (Important)	2021-12-31
oval:org.opensuse.security:def:70321	P	Security update for openssh (Important)	2021-12-03
oval:org.opensuse.security:def:74383	P	Security update for MozillaFirefox (Important)	2021-10-16
oval:org.opensuse.security:def:106276	P	libreoffice-7.1.5.2-3.13 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:10695	P	Security update for grilo (Important)	2021-09-23
oval:org.opensuse.security:def:11134	P	Security update for chromium (Important)	2021-09-21
oval:org.opensuse.security:def:11127	P	Security update for gifsicle (Moderate)	2021-09-13
oval:org.opensuse.security:def:51645	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:46904	P	chrony-2.3-3.110 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47142	P	quagga-0.99.22.1-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47440	P	logrotate-3.11.0-1.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47566	P	bind-9.11.2-1.24 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47597	P	dpdk-17.11.4-3.6 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48306	P	shim-14-25.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46995	P	libXinerama1-1.1.3-3.54 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47356	P	libidn-tools-1.28-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47668	P	libQt5WebKit5-5.6.2-1.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47502	P	squashfs-4.3-6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:11112	P	Security update for chromium (Important)	2021-08-11
oval:org.opensuse.security:def:63492	P	libreoffice-7.1.2.2-2.3 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63130	P	python3-keystoneclient-4.0.0-9.4.5 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63494	P	libsnmp30-32bit-5.7.3-8.24 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2403	P	libreoffice-7.1.2.2-2.3 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:72031	P	policycoreutils-3.0-1.20 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101052	P	procmail-3.22-2.34 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:69508	P	Security update for dbus-1 (Important)	2021-07-27
oval:org.opensuse.security:def:66873	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:57048	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:10686	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:11104	P	Security update for nextcloud (Important)	2021-07-20
oval:org.opensuse.security:def:11102	P	Security update for icinga2 (Moderate)	2021-07-19
oval:org.opensuse.security:def:11242	P	Security update for libxls (Moderate)	2021-07-08
oval:org.opensuse.security:def:51605	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:51918	P	Security update for ovmf (Important)	2021-06-24
oval:org.opensuse.security:def:73656	P	Security update for wireshark (Important)	2021-06-22
oval:org.opensuse.security:def:11851	P	libQt5Concurrent5-5.6.1-11.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10644	P	Security update for the Linux Kernel (Important)	2021-06-08
oval:org.opensuse.security:def:68794	P	Security update for the Linux Kernel (Important)	2021-06-08
oval:org.opensuse.security:def:11336	P	libXcursor1-1.1.14-3.60 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46447	P	kernel-default-3.12.28-4.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46580	P	sudo-1.8.10p3-1.21 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11412	P	libvorbis0-1.3.3-8.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11346	P	libXtst6-1.2.2-3.60 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46446	P	kbd-1.15.5-7.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12085	P	cups-filters-1.0.58-17.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11425	P	ntp-4.2.6p5-24.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12741	P	unrar-5.0.14-3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11829	P	gvim-7.4.326-2.62 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13714	P	radvd-1.9.7-2.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11261	P	MozillaFirefox-31.1.0esr-1.20 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11361	P	libfreetype6-2.5.3-2.18 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46460	P	libXinerama1-1.1.3-3.54 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46772	P	libsoup-2_4-1-2.44.2-1.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12063	P	at-3.1.14-7.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11368	P	libid3tag0-0.15.1b-182.58 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48360	P	MozillaFirefox-45.4.0esr-81.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12763	P	yast2-users-3.2.17-1.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12733	P	tar-1.27.1-15.3.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11403	P	libsnmp30-32bit-5.7.2.1-3.8 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13692	P	perl-32bit-5.18.2-3.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11227	P	Security update for inn (Moderate)	2021-06-07
oval:org.opensuse.security:def:5658	P	Security update for apache-commons-io (Moderate)	2021-04-20
oval:org.opensuse.security:def:51539	P	Security update for xen (Important)	2021-04-19
oval:org.opensuse.security:def:56974	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:69613	P	Security update for gnutls (Important)	2021-03-24
oval:org.opensuse.security:def:10417	P	Security update for glib2 (Important)	2021-03-19
oval:org.opensuse.security:def:4753	P	Security update for compat-openssl098 (Moderate)	2021-03-16
oval:org.opensuse.security:def:55305	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:10395	P	Security update for webkit2gtk3 (Important)	2021-02-24
oval:org.opensuse.security:def:11180	P	Security update for mumble (Moderate)	2021-02-19
oval:org.opensuse.security:def:26192	P	Security update for php72 (Important)	2021-02-17
oval:org.opensuse.security:def:38151	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:11178	P	Security update for privoxy (Moderate)	2021-02-12
oval:org.opensuse.security:def:10387	P	Security update for subversion (Important)	2021-02-10
oval:org.opensuse.security:def:26157	P	Security update for the Linux Kernel (Important)	2021-02-09
oval:org.opensuse.security:def:66965	P	Security update for python (Important)	2021-02-09
oval:org.opensuse.security:def:11169	P	Security update for python-autobahn (Moderate)	2021-01-28
oval:org.opensuse.security:def:70216	P	Security update for ImageMagick (Moderate)	2021-01-18
oval:org.opensuse.security:def:11191	P	Security update for chromium (Important)	2021-01-11
oval:org.opensuse.security:def:54748	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:5618	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:51091	P	Security update for openssl (Important)	2020-12-11
oval:org.opensuse.security:def:11027	P	Security update for minidlna (Moderate)	2020-12-10
oval:org.opensuse.security:def:4962	P	Security update for openssl-1_0_0 (Important)	2020-12-09
oval:org.opensuse.security:def:107718	P	libreoffice-6.4.4.2-11.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4046	P	libreoffice-sdk-6.2.7.1-43.56.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:94339	P	libreoffice-6.4.4.2-11.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2547	P	libreoffice-6.4.4.2-11.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13032	P	libnm-glib-vpn1-1.0.12-13.12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62472	P	libtag-devel-1.11.1-2.50 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62928	P	xorg-x11-server-sdk-1.20.3-12.29 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63268	P	krb5-plugin-kdb-ldap-1.16.3-3.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62449	P	libjpeg8-32bit-8.1.2-3.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63636	P	libreoffice-6.4.4.2-11.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16882	P	libreoffice-sdk-6.2.7.1-43.56.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12809	P	python-requests-2.18.2-8.4.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12871	P	dstat-0.7.3-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12965	P	libXxf86vm1-1.1.3-3.53 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117233	P	libreoffice-6.4.4.2-11.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13041	P	libpango-1_0-0-1.40.1-9.5 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17365	P	libreoffice-6.2.7.1-43.56.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13054	P	libpython2_7-1_0-2.7.13-28.31.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49034	P	libreoffice-6.2.7.1-43.56.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62649	P	libIlmImf-2_2-23-2.2.1-3.14.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62448	P	libjbig2-32bit-2.1-1.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12856	P	cups-1.7.5-20.23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12890	P	gdm-3.10.0.1-54.6.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12990	P	libgme0-0.6.0-5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72147	P	libXp6-32bit-1.0.3-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4758	P	Security update for squid (Important)	2020-12-02
oval:org.opensuse.security:def:4792	P	Security update for dovecot23 (Important)	2020-12-02
oval:org.opensuse.security:def:4890	P	Security update for postgresql12 (Important)	2020-12-02
oval:org.opensuse.security:def:4929	P	Security update for xen (Important)	2020-12-02
oval:org.opensuse.security:def:4989	P	Security update for tomcat (Moderate)	2020-12-02
oval:org.opensuse.security:def:2810	P	Security update for MozillaFirefox (Important)	2020-12-02
oval:org.opensuse.security:def:2828	P	Security update for gstreamer-plugins-base (Important)	2020-12-02
oval:org.opensuse.security:def:2848	P	Security update for fwupd (Moderate)	2020-12-02
oval:org.opensuse.security:def:4936	P	Security update for apache2 (Moderate)	2020-12-02
oval:org.opensuse.security:def:4798	P	Security update for rsyslog (Moderate)	2020-12-02
oval:org.opensuse.security:def:4832	P	Security update for bind (Important)	2020-12-02
oval:org.opensuse.security:def:4930	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:4969	P	Security update for tomcat (Moderate)	2020-12-02
oval:org.opensuse.security:def:5587	P	Security update for ffmpeg (Moderate)	2020-12-02
oval:org.opensuse.security:def:4713	P	Security update for salt (Moderate)	2020-12-02
oval:org.opensuse.security:def:4773	P	Security update for graphviz (Moderate)	2020-12-02
oval:org.opensuse.security:def:4865	P	Security update for apache2 (Important)	2020-12-02
oval:org.opensuse.security:def:4976	P	Security update for nodejs8 (Important)	2020-12-02
oval:org.opensuse.security:def:5627	P	Security update for ffmpeg (Important)	2020-12-02
oval:org.opensuse.security:def:2816	P	Security update for djvulibre (Moderate)	2020-12-02
oval:org.opensuse.security:def:2842	P	Security update for webkit2gtk3 (Important)	2020-12-02
oval:org.opensuse.security:def:2806	P	Security update for libopenmpt (Moderate)	2020-12-02
oval:org.opensuse.security:def:4949	P	Security update for spice-gtk (Moderate)	2020-12-02
oval:org.opensuse.security:def:4813	P	Security update for ovmf (Important)	2020-12-02
oval:org.opensuse.security:def:4905	P	Security update for rmt-server (Important)	2020-12-02
oval:org.opensuse.security:def:4922	P	Security update for postgresql10 (Moderate)	2020-12-02
oval:org.opensuse.security:def:50970	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:52365	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:74257	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:10510	P	libjavascriptcoregtk-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10544	P	libsndfile-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54197	P	freerdp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54575	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54854	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64163	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:38486	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50246	P	libreoffice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17907	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:18049	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:18116	P	Security update for nasm (Moderate)	2020-12-01
oval:org.opensuse.security:def:18258	P	Security update for gstreamer-0_10-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:50642	P	Security update for subversion (Important)	2020-12-01
oval:org.opensuse.security:def:72966	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:17865	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:50953	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:51328	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:52054	P	Security update for libssh (Important)	2020-12-01
oval:org.opensuse.security:def:25519	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:66185	P	Security update for skopeo (Moderate)	2020-12-01
oval:org.opensuse.security:def:50473	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:52401	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:39168	P	gstreamer-0_10-plugins-bad on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65447	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:63821	P	Security update for libseccomp (Moderate)	2020-12-01
oval:org.opensuse.security:def:64061	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:18987	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:64205	P	aaa_base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10900	P	dbus-1-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10993	P	libexif-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55698	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:10870	P	FastCGI on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37683	P	sudo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37903	P	libjbig2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38061	P	sblim-sfcb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38311	P	libjpeg62-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53718	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:55505	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:49324	P	rpm-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49469	P	libtasn1-6-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49820	P	bsdtar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50075	P	librelp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50403	P	Security update for sssd (Moderate)	2020-12-01
oval:org.opensuse.security:def:49323	P	rpcbind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24825	P	Security update for log4j (Important)	2020-12-01
oval:org.opensuse.security:def:25032	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:25171	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:25374	P	Security update for xerces-c (Moderate)	2020-12-01
oval:org.opensuse.security:def:50538	P	Security update for python-Flask (Low)	2020-12-01
oval:org.opensuse.security:def:52442	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:24752	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:50993	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:51368	P	Security update for cups (Moderate)	2020-12-01
oval:org.opensuse.security:def:52094	P	Security update for libbsd (Moderate)	2020-12-01
oval:org.opensuse.security:def:18315	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:52253	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:64317	P	libblkid-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66277	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:10463	P	libQt5Bootstrap-devel-static on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10525	P	libopenssl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10619	P	MozillaFirefox-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39210	P	libreoffice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54175	P	cups-pk-helper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54337	P	mozilla-nspr-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55020	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55413	P	xdg-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:72848	P	Security update for squid (Critical)	2020-12-01
oval:org.opensuse.security:def:54174	P	cups-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55579	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:38530	P	yast2-users on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53758	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17873	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17992	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:18080	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:18226	P	Security update for php7 (Important)	2020-12-01
oval:org.opensuse.security:def:38419	P	mozilla-nspr-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50569	P	Security update for xerces-c (Low)	2020-12-01
oval:org.opensuse.security:def:53792	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:50931	P	Security update for python-ecdsa (Moderate)	2020-12-01
oval:org.opensuse.security:def:51499	P	Security update for go1.14 (Important)	2020-12-01
oval:org.opensuse.security:def:51771	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:52162	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:18327	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50930	P	Security update for nmap (Important)	2020-12-01
oval:org.opensuse.security:def:52325	P	Security update for bluez (Moderate)	2020-12-01
oval:org.opensuse.security:def:52482	P	Security update for sane-backends (Important)	2020-12-01
oval:org.opensuse.security:def:63955	P	Security update for audiofile (Low)	2020-12-01
oval:org.opensuse.security:def:25461	P	Security update for cpio (Moderate)	2020-12-01
oval:org.opensuse.security:def:68691	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:52293	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:50192	P	kernel-default-extra on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10878	P	ant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10946	P	java-1_7_1-ibm-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11008	P	libid3tag-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55617	P	Security update for compat-openssl098 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37672	P	rtkit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37767	P	dbus-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38004	P	minicom on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38370	P	libsolv-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73538	P	python2-numpy-gnu-hpc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:19013	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:37671	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38458	P	python-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49342	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49674	P	libkpathsea6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49918	P	python2-Jinja2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50313	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:18349	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:65357	P	Security update for systemd (Moderate)	2020-12-01
oval:org.opensuse.security:def:24762	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:24951	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25088	P	Security update for libssh (Important)	2020-12-01
oval:org.opensuse.security:def:25321	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:52361	P	Security update for unbound (Important)	2020-12-01
oval:org.opensuse.security:def:53832	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:50971	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:51131	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:51811	P	Security update for libqt5-qtsvg (Moderate)	2020-12-01
oval:org.opensuse.security:def:52202	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:25475	P	Security update for libssh (Important)	2020-12-01
oval:com.redhat.rhsa:def:20201598	P	RHSA-2020:1598: libreoffice security and bug fix update (Moderate)	2020-04-28
oval:com.redhat.rhsa:def:20201151	P	RHSA-2020:1151: libreoffice security and bug fix update (Moderate)	2020-03-31
oval:org.opensuse.security:def:93353	P	(Moderate)	2019-10-03
oval:org.opensuse.security:def:110007	P	Security update for libreoffice (Moderate)	2019-09-25
oval:org.opensuse.security:def:127437	P	Security update for libreoffice (Moderate)	2019-09-18
oval:org.opensuse.security:def:97778	P	Security update for libreoffice (Moderate)	2019-09-18
oval:org.opensuse.security:def:79682	P	Security update for libreoffice (Moderate)	2019-09-18
oval:org.opensuse.security:def:90813	P	Security update for libreoffice (Moderate)	2019-09-18
oval:org.opensuse.security:def:124917	P	Security update for libreoffice (Moderate)	2019-09-18
oval:org.opensuse.security:def:99844	P	Security update for libreoffice (Moderate)	2019-09-18
oval:org.opensuse.security:def:104468	P	Security update for libreoffice (Moderate)	2019-09-18
oval:org.opensuse.security:def:125970	P	Security update for libreoffice (Moderate)	2019-09-18
oval:com.ubuntu.disco:def:201998540000000	V	CVE-2019-9854 on Ubuntu 19.04 (disco) - medium.	2019-09-06
oval:com.ubuntu.bionic:def:201998540000000	V	CVE-2019-9854 on Ubuntu 18.04 LTS (bionic) - medium.	2019-09-06
oval:com.ubuntu.xenial:def:201998540000000	V	CVE-2019-9854 on Ubuntu 16.04 LTS (xenial) - medium.	2019-09-06

BACK