ALT-PU-2017-2719-1
Package LibreOffice updated to version 5.3.7.2-alt0.M80P.1 for branch p8 in task 195576.
Closed vulnerabilities
BDU:2017-01264
Уязвимость функции EnhWMFReader::ReadEnhWMF пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код
BDU:2017-01549
Уязвимость функции tools::Polygon::Insert пакета офисных программ LibreOffice, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2016-10327
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
- http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/
- http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/
- 97668
- 97668
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313
- https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416
- https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416
- GLSA-201706-28
- GLSA-201706-28
Modified: 2024-11-21
CVE-2017-14226
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application.
- https://bugs.documentfoundation.org/show_bug.cgi?id=112269
- https://bugs.documentfoundation.org/show_bug.cgi?id=112269
- https://bugzilla.redhat.com/show_bug.cgi?id=1489337
- https://bugzilla.redhat.com/show_bug.cgi?id=1489337
- https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9
- https://cgit.freedesktop.org/libreoffice/core/commit/?id=dd89afa6ee8166b69e7a1e86f22616ca8fc122c9
- https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/
- https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/
- https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/
- https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/
- https://sourceforge.net/p/libwpd/tickets/14/
- https://sourceforge.net/p/libwpd/tickets/14/
Modified: 2024-11-21
CVE-2017-7870
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
- DSA-3837
- DSA-3837
- http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/
- http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/
- 97671
- 97671
- 1039029
- 1039029
- RHSA-2017:1975
- RHSA-2017:1975
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372
- https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722
- https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722
- GLSA-201706-28
- GLSA-201706-28