openSUSE Security Update : LibreOffice (openSUSE-SU-2012:1523-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

LibreOffice was updated to 3.5.4.13 to fix various bugs and security
issues :

- NULL pointer dereference (bnc#778669, CVE-2012-4233)

- bullet-color-pptx-import.diff: bullets should have same
color as following text by default; missing part of the
fix (bnc#734733)

- update to suse-3.5.4.13 (SUSE 3.5 bugfix release 13,
based on upstream 3.5.6-rc2)

- polygon fill rule (bnc#759172)

- open XML in Writer (bnc#777181)

- undo in text objects (fdo#36138)

- broken numbering level (bnc#760019)

- better MathML detection (bnc#774921)

- pictures in DOCX import (bnc#772094)

- collapsing border painting (fdo#39415)

- better DOCX text box export (fdo#45724)

- hidden text in PPTX import (bnc#759180)

- slide notes in PPTX import (bnc#768027)

- RTL paragraphs in DOC import (fdo#43398)

- better vertical text imports (bnc#744510)

- HYPERLINK field in DOCX import (fdo#51034)

- shadow color on partial redraw (bnc#773515)

- floating objects in DOCX import (bnc#775899)

- graphite2 hyphenation regression (fdo#49486)

- missing shape position and size (bnc#760997)

- page style attributes in ODF import (fdo#38056)

- browsing in Template dialog crasher (fdo#46249)

- wrong master slide shape being used (bnc#758565)

- page borders regression in ODT import (fdo#38056)

- invalidate bound rect after drag&drop (fdo#44534)

- rotated shape margins in PPTX import (bnc#773048)

- pasting into more than 1 sheet crasher (fdo#47311)

- crashers in PPT/PPTX import (bnc#768027, bnc#774167

- missing footnote in DOCX/DOC/RTF export (fdo#46020)

- checkbox no-label behaviour (fdo#51336, bnc#757602)

- try somewhat harder to read w:position (bnc#773061)

- FormatNumber can handle sal_uInt32 values (fdo#51793)

- rectangle-paragraph tables in DOCX import (bnc#775899)

- header and bullet in slideshow transition (bnc#759172)

- default background color in DOC/DOCX export (fdo#45724)

- font name / size attributes in DOCX import (bnc#774681)

- zero rect. size causing wrong line positions (fdo#47434)

- adjusted display of Bracket/BracePair in PPT
(bnc#741480)

- use Unicode functions for QuickStarter tooltip
(fdo#52143)

- TabRatio API and detect macro at group shape fixes
(bnc#770708)

- indented text in DOCX file does not wrap correctly
(bnc#775906)

- undocked toolbars do not show all icons in special ratio
(fdo#47071)

- cross-reference text when Caption order is Numbering
first (fdo#50801)

- bullet color same as following text by default
(bnc#719988, bnc#734733)

- misc RTF import fixes (rhbz#819304, fdo#49666,
bnc#774681, fdo#51772, fdo#48033, fdo#52066, fdo#48335,
fdo#48446, fdo#49892, fdo#46966)

- update to libvisio 0.0.19 :

- file displays as blank page in Draw (fdo#50990)

- use the vendor SUSE instead of Novell, Inc.

- install-with-vendor-SUSE.diff: fix installation with the
vendor 'SUSE'

See also :

http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html
https://bugzilla.novell.com/show_bug.cgi?id=719988
https://bugzilla.novell.com/show_bug.cgi?id=734733
https://bugzilla.novell.com/show_bug.cgi?id=741480
https://bugzilla.novell.com/show_bug.cgi?id=744510
https://bugzilla.novell.com/show_bug.cgi?id=757602
https://bugzilla.novell.com/show_bug.cgi?id=758565
https://bugzilla.novell.com/show_bug.cgi?id=759172
https://bugzilla.novell.com/show_bug.cgi?id=759180
https://bugzilla.novell.com/show_bug.cgi?id=760019
https://bugzilla.novell.com/show_bug.cgi?id=760997
https://bugzilla.novell.com/show_bug.cgi?id=768027
https://bugzilla.novell.com/show_bug.cgi?id=770708
https://bugzilla.novell.com/show_bug.cgi?id=772094
https://bugzilla.novell.com/show_bug.cgi?id=773048
https://bugzilla.novell.com/show_bug.cgi?id=773061
https://bugzilla.novell.com/show_bug.cgi?id=773515
https://bugzilla.novell.com/show_bug.cgi?id=774167
https://bugzilla.novell.com/show_bug.cgi?id=774681
https://bugzilla.novell.com/show_bug.cgi?id=774921
https://bugzilla.novell.com/show_bug.cgi?id=775899
https://bugzilla.novell.com/show_bug.cgi?id=775906
https://bugzilla.novell.com/show_bug.cgi?id=777181
https://bugzilla.novell.com/show_bug.cgi?id=778669

Solution :

Update the affected LibreOffice packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 74815 ()

Bugtraq ID:

CVE ID: CVE-2012-4233

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now