CentOS Local Security Checks : CentOS Update for autocorr-af CESA-2017:0914 centos7

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.882693

Category: CentOS Local Security Checks

Title: CentOS Update for autocorr-af CESA-2017:0914 centos7

Summary: Check the version of autocorr-af

Description: Summary:
Check the version of autocorr-af

Vulnerability Insight:
LibreOffice is an open source,
community-developed office productivity suite. It includes key desktop
applications, such as a word processor, a spreadsheet, a presentation manager,
a formula editor, and a drawing program. LibreOffice replaces OpenOffice and
provides a similar but enhanced and extended office suite.

Security Fix(es):

* It was found that LibreOffice disclosed contents of a file specified in
an embedded object's preview. An attacker could potentially use this flaw
to expose details of a system running LibreOffice as an online service via
a crafted document. (CVE-2017-3157)

Bug Fix(es):

* Previously, an improper resource management caused the LibreOffice Calc
spreadsheet application to terminate unexpectedly after closing a dialog
window with accessibility support enabled. The resource management has been
improved, and the described problem no longer occurs. (BZ#1425536)

* Previously, when an incorrect password was entered for a password
protected document, the document has been considered as valid and a
fallback attempt to open it as plain text has been made. As a consequence,
it could appear that the document successfully loaded, while just the
encrypted unreadable content was shown. A fix has been made to terminate
import attempts after entering incorrect password, and now nothing is
loaded when a wrong password is entered. (BZ#1426348)

* Previously, an improper resource management caused the LibreOffice Calc
spreadsheet application to terminate unexpectedly during exit, after the
Text Import dialog for CSV (Comma-separated Value) files closed, when
accessibility support was enabled. The resource management has been
improved, and the described problem no longer occurs. (BZ#1425535)

Affected Software/OS:
autocorr-af on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-3157
BugTraq ID: 96402
http://www.securityfocus.com/bid/96402
Debian Security Information: DSA-3792 (Google Search)
https://www.debian.org/security/2017/dsa-3792
RedHat Security Advisories: RHSA-2017:0914
https://access.redhat.com/errata/RHSA-2017:0914
RedHat Security Advisories: RHSA-2017:0979
https://access.redhat.com/errata/RHSA-2017:0979
http://www.securitytracker.com/id/1037893

Copyright Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.882693
Category:	CentOS Local Security Checks
Title:	CentOS Update for autocorr-af CESA-2017:0914 centos7
Summary:	Check the version of autocorr-af
Description:	Summary: Check the version of autocorr-af Vulnerability Insight: LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose details of a system running LibreOffice as an online service via a crafted document. (CVE-2017-3157) Bug Fix(es): * Previously, an improper resource management caused the LibreOffice Calc spreadsheet application to terminate unexpectedly after closing a dialog window with accessibility support enabled. The resource management has been improved, and the described problem no longer occurs. (BZ#1425536) * Previously, when an incorrect password was entered for a password protected document, the document has been considered as valid and a fallback attempt to open it as plain text has been made. As a consequence, it could appear that the document successfully loaded, while just the encrypted unreadable content was shown. A fix has been made to terminate import attempts after entering incorrect password, and now nothing is loaded when a wrong password is entered. (BZ#1426348) * Previously, an improper resource management caused the LibreOffice Calc spreadsheet application to terminate unexpectedly during exit, after the Text Import dialog for CSV (Comma-separated Value) files closed, when accessibility support was enabled. The resource management has been improved, and the described problem no longer occurs. (BZ#1425535) Affected Software/OS: autocorr-af on CentOS 7 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3157 BugTraq ID: 96402 http://www.securityfocus.com/bid/96402 Debian Security Information: DSA-3792 (Google Search) https://www.debian.org/security/2017/dsa-3792 RedHat Security Advisories: RHSA-2017:0914 https://access.redhat.com/errata/RHSA-2017:0914 RedHat Security Advisories: RHSA-2017:0979 https://access.redhat.com/errata/RHSA-2017:0979 http://www.securitytracker.com/id/1037893
Copyright	Copyright (C) 2017 Greenbone AG