SuSE 10 Security Update : LibreOffice (ZYPP Patch Number 8286)

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

LibreOffice was updated to SUSE 3.5 bugfix release 13 (based on
upstream 3.5.6-rc2) which fixes a lot of bugs.

The following bugs have been fixed :

- polygon fill rule. (bnc#759172)

- open XML in Writer. (bnc#777181)

- undo in text objects (fdo#36138)

- broken numbering level. (bnc#760019)

- better MathML detection. (bnc#774921)

- pictures in DOCX import. (bnc#772094)

- collapsing border painting (fdo#39415)

- better DOCX text box export (fdo#45724)

- hidden text in PPTX import. (bnc#759180)

- slide notes in PPTX import. (bnc#768027)

- RTL paragraphs in DOC import (fdo#43398)

- better vertical text imports. (bnc#744510)

- HYPERLINK field in DOCX import (fdo#51034)

- shadow color on partial redraw. (bnc#773515)

- floating objects in DOCX import. (bnc#775899)

- graphite2 hyphenation regression (fdo#49486)

- missing shape position and size. (bnc#760997)

- page style attributes in ODF import (fdo#38056)

- browsing in Template dialog crasher (fdo#46249)

- wrong master slide shape being used. (bnc#758565)

- page borders regression in ODT import (fdo#38056)

- invalidate bound rect after drag&drop (fdo#44534)

- rotated shape margins in PPTX import. (bnc#773048)

- pasting into more than 1 sheet crasher (fdo#47311)

- crashers in PPT/PPTX import (bnc#768027, bnc#774167

- missing footnote in DOCX/DOC/RTF export (fdo#46020)

- checkbox no-label behaviour (fdo#51336, bnc#757602)

- try somewhat harder to read w:position. (bnc#773061)

- FormatNumber can handle sal_uInt32 values (fdo#51793)

- rectangle-paragraph tables in DOCX import. (bnc#775899)

- header and bullet in slideshow transition. (bnc#759172)

- default background color in DOC/DOCX export (fdo#45724)

- font name / size attributes in DOCX import. (bnc#774681)

- zero rect. size causing wrong line positions (fdo#47434)

- adjusted display of Bracket/BracePair in PPT.
(bnc#741480)

- use Unicode functions for QuickStarter tooltip
(fdo#52143)

- TabRatio API and detect macro at group shape fixes.
(bnc#770708)

- indented text in DOCX file does not wrap correctly.
(bnc#775906)

- undocked toolbars do not show all icons in special ratio
(fdo#47071)

- cross-reference text when Caption order is Numbering
first (fdo#50801)

- bullet color same as following text by default.
(bnc#719988, bnc#734733)

- misc RTF import fixes (rhbz#819304, fdo#49666,
bnc#774681, fdo#51772, fdo#48033, fdo#52066, fdo#48335,
fdo#48446, fdo#49892, fdo#46966)

- libvisio was updated to 0.0.19: o file displays as blank
page in Draw (fdo#50990)

- Use the vendor SUSE instead of Novell, Inc.

- Some NULL pointer dereferences were fixed.
(CVE-2012-4233) Security Issue refernce :

- CVE-2012-4233

See also :

http://support.novell.com/security/cve/CVE-2012-4233.html

Solution :

Apply ZYPP patch number 8286.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 62781 ()

Bugtraq ID:

CVE ID: CVE-2012-4233

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now