Red Hat Local Security Checks : RedHat Update for libreoffice RHSA-2015:1458-01

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.871412

Categoría: Red Hat Local Security Checks

Título: RedHat Update for libreoffice RHSA-2015:1458-01

Resumen: The remote host is missing an update for the 'libreoffice'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'libreoffice'
package(s) announced via the referenced advisory.

Vulnerability Insight:
LibreOffice is an open source, community-developed office productivity
suite. It includes key desktop applications, such as a word processor, a
spreadsheet, a presentation manager, a formula editor, and a drawing
program. LibreOffice replaces OpenOffice and provides a similar but
enhanced and extended office suite.

A flaw was found in the way the LibreOffice HWP (Hangul Word Processor)
file filter processed certain HWP documents. An attacker able to trick a
user into opening a specially crafted HWP document could possibly use this
flaw to execute arbitrary code with the privileges of the user opening that
document. (CVE-2015-1774)

The libreoffice packages have been upgraded to upstream version 4.2.8.2,
which provides a number of bug fixes and enhancements over the previous
version, including:

* OpenXML interoperability has been improved.

* This update adds additional statistics functions to the Calc application,
thus improving interoperability with Microsoft Excel and its 'Analysis
ToolPak' add-in.

* Various performance improvements have been implemented in Calc.

* This update adds new import filters for importing files from the Appple
Keynote and Abiword applications.

* The export filter for the MathML markup language has been improved.

* This update adds a new start screen that includes thumbnails of recently
opened documents.

* A visual clue is now displayed in the Slide Sorter window for slides with
transitions or animations.

* This update improves trend lines in charts.

* LibreOffice now supports BCP 47 language tags.

For a complete list of bug fixes and enhancements provided by this rebase,
see the libreoffice change log linked from the References section.
(BZ#1150048)

Users of libreoffice are advised to upgrade to these updated packages,
which correct these issues and add these enhancements.

Affected Software/OS:
libreoffice on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-1774
BugTraq ID: 74338
http://www.securityfocus.com/bid/74338
Debian Security Information: DSA-3236 (Google Search)
http://www.debian.org/security/2015/dsa-3236
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html
https://security.gentoo.org/glsa/201603-05
https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094
RedHat Security Advisories: RHSA-2015:1458
http://rhn.redhat.com/errata/RHSA-2015-1458.html
http://www.securitytracker.com/id/1032205
http://www.securitytracker.com/id/1032206
SuSE Security Announcement: openSUSE-SU-2015:0859 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html
http://www.ubuntu.com/usn/USN-2578-1

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.871412
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for libreoffice RHSA-2015:1458-01
Resumen:	The remote host is missing an update for the 'libreoffice'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'libreoffice' package(s) announced via the referenced advisory. Vulnerability Insight: LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. A flaw was found in the way the LibreOffice HWP (Hangul Word Processor) file filter processed certain HWP documents. An attacker able to trick a user into opening a specially crafted HWP document could possibly use this flaw to execute arbitrary code with the privileges of the user opening that document. (CVE-2015-1774) The libreoffice packages have been upgraded to upstream version 4.2.8.2, which provides a number of bug fixes and enhancements over the previous version, including: * OpenXML interoperability has been improved. * This update adds additional statistics functions to the Calc application, thus improving interoperability with Microsoft Excel and its 'Analysis ToolPak' add-in. * Various performance improvements have been implemented in Calc. * This update adds new import filters for importing files from the Appple Keynote and Abiword applications. * The export filter for the MathML markup language has been improved. * This update adds a new start screen that includes thumbnails of recently opened documents. * A visual clue is now displayed in the Slide Sorter window for slides with transitions or animations. * This update improves trend lines in charts. * LibreOffice now supports BCP 47 language tags. For a complete list of bug fixes and enhancements provided by this rebase, see the libreoffice change log linked from the References section. (BZ#1150048) Users of libreoffice are advised to upgrade to these updated packages, which correct these issues and add these enhancements. Affected Software/OS: libreoffice on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1774 BugTraq ID: 74338 http://www.securityfocus.com/bid/74338 Debian Security Information: DSA-3236 (Google Search) http://www.debian.org/security/2015/dsa-3236 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156582.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157550.html https://security.gentoo.org/glsa/201603-05 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1094 RedHat Security Advisories: RHSA-2015:1458 http://rhn.redhat.com/errata/RHSA-2015-1458.html http://www.securitytracker.com/id/1032205 http://www.securitytracker.com/id/1032206 SuSE Security Announcement: openSUSE-SU-2015:0859 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-05/msg00015.html http://www.ubuntu.com/usn/USN-2578-1
Copyright	Copyright (C) 2015 Greenbone AG