SuSE 10 Security Update : libreoffice (ZYPP Patch Number 7791)

This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

LibreOffice 3.4 includes many interesting features and fixes, see
http://www.libreoffice.org/download/3-4-new-features-and-fixes/

The update fixes the following security issues :

- 704311: libreoffice Lotus Word Pro filter multiple
vulnerabilities. (CVE-2011-2685)

This update also fixes the following non-security issues :

- 676858: Document with full page graphic in header will
not allow click-drag or right-click.

- 681738: DDE link is lost when .xls file is opened/saved
in Calc.

- 683578: Large xlsx file takes extremely long to open
with Libreoffice calc

- 684784: Microsoft Office spreadsheet does not display
anything

- 693238: Column format in docx file is not displayed
correctly.

- 693477: Format of Word .doc file from HP is bad.

- 694344: 3rd level bulleted items are not displayed
properly.

- 695479: L3: RTF file is not displayed correctly by
Writer.

- 696630: DDE link from Calc to Excel needs Excel open to
update link in Calc.

- 702506: Writer crashes when opening docx files.

- 704639: HTML document appearance changes when opened in
open office vs LibreOffice

- 704642: 16 digit numbers change in LibreOffice when
opening a file created in MS Excel

- 705949: Information missing from MS Word document when
opened in LibreOffice (w:sdt)

- 706792: PTF 3.3.1-21 introduced a crash when opening a
pptx presentation.

- 707486: Macro from excel fails on Selection.Copy when
run in Calc.

- 707779: Disappearing text

- 708137: xls spreadsheet is extremely slow to open and
check boxes are broken.

- 708518: Bullet symbol is not rendered correctly in a
specific slide.

- 710061: ODP export to PDF produces broken images

- 710920: RPM installation ending with redundant error.

- 711977: File association for fod* files are missing.

- 712358: Some extensions broken after upgrading.

- 715268: Command libreoffice --help does not work when
LibreOffice is already started

- 715416: Impress crashes starting Slide show in the
context of dual monitors extension mode.

- 715931: failed to save an odp file.

See also :

http://support.novell.com/security/cve/CVE-2011-2685.html

Solution :

Apply ZYPP patch number 7791.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 57219 ()

Bugtraq ID:

CVE ID: CVE-2011-2685

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now