Test ID:	1.3.6.1.4.1.25623.1.1.10.2021.0471
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2021-0471)
Summary:	The remote host is missing an update for the 'libneon, libreoffice' package(s) announced via the MGASA-2021-0471 advisory.
Description:	Summary: The remote host is missing an update for the 'libneon, libreoffice' package(s) announced via the MGASA-2021-0471 advisory. Vulnerability Insight: LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a valid signature issued by a trusted person. This updates to version 7.2.2.2 which includes the fix as well as other bugfixes. Affected Software/OS: 'libneon, libreoffice' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2021-25632 Common Vulnerability Exposure (CVE) ID: CVE-2021-25633 Debian Security Information: DSA-4988 (Google Search) https://www.debian.org/security/2021/dsa-4988 https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633 Common Vulnerability Exposure (CVE) ID: CVE-2021-25634 https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634 Common Vulnerability Exposure (CVE) ID: CVE-2021-25635
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.