English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.852130
Category:SuSE Local Security Checks
Title:SuSE Update for LibreOffice openSUSE-SU-2018:3796-1 (LibreOffice)
Summary:The remote host is missing an update for the 'LibreOffice'; package(s) announced via the openSUSE-SU-2018:3796_1 advisory.
Description:Summary:
The remote host is missing an update for the 'LibreOffice'
package(s) announced via the openSUSE-SU-2018:3796_1 advisory.

Vulnerability Insight:
This update for LibreOffice, libepubgen, liblangtag, libmwaw,
libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1 fixes
the following issues:

LibreOffice was updated to 6.1.3.2 (fate#326624) and contains new features
and lots of bugfixes:

Bugfixes:

- bsc#1095639 Exporting to PPTX results in vertical labels being shown
horizontally

- bsc#1098891 Table in PPTX misplaced and partly blue

- bsc#1088263 Labels in chart change (from white and other colors) to
black when saving as PPTX

- bsc#1095601 Exporting to PPTX shifts arrow shapes quite a bit

- Add more translations:

* Belarusian

* Bodo

* Dogri

* Frisian

* Gaelic

* Paraguayan_Guaran

* Upper_Sorbian

* Konkani

* Kashmiri

* Luxembourgish

* Monglolian

* Manipuri

* Burnese

* Occitan

* Kinyarwanda

* Santali

* Sanskrit

* Sindhi

* Sidamo

* Tatar

* Uzbek

* Upper Sorbian

* Venetian

* Amharic

* Asturian

* Tibetian

* Bosnian

* English GB

* English ZA

* Indonesian

* Icelandic

* Georgian

* Khmer

* Lao

* Macedonian

* Nepali

* Oromo

* Albanian

* Tajik

* Uyghur

* Vietnamese

* Kurdish

- Try to build all languages see bsc#1096360

- Make sure to install the KDE5/Qt5 UI/filepicker

- Try to implement safeguarding to avoid bsc#1050305

- Disable base-drivers-mysql as it needs mysqlcppcon that is only for
mysql and not mariadb, causes issues bsc#1094779

* Users can still connect using jdbc/odbc

- Fix java detection on machines with too many cpus

- CVE-2018-10583: An information disclosure vulnerability occurred when
LibreOffice automatically processed and initiated an SMB connection
embedded in a malicious file, as demonstrated by
xlink:href=file://192.168.0.2/test.jpg within an office:document-content
element in a .odt XML document. (bsc#1091606)

libepubgen was updated to 0.1.1:

- Avoid div inside p or span .

- Avoid writin vertical-align attribute without a value.

- Fix generation of invalid XHTML when there is a link starting at the
beginning of a footnote.

- Handle relative width for images.

- Fixed layout: write chapter names to improve navigation.

- Support writing mode.

- Start a new HTML file at every page span in addition to the splits
induced by the chosen split method. This is to ensure that specified
writing mode works correctly, as it is HTML body attribute.

liblangtag was updated to 0.6.2 ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
LibreOffice on openSUSE Leap 15.0.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-10583
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.