openSUSE Security Update : libreoffice-34 (openSUSE-SU-2011:1143-2)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

LibreOffice 3.4 includes new interesting features and fixes, see
http://www.libreoffice.org/download/3-4-new-features-and-fix es/

The update fixes the following security issue :

- 704311: libreoffice Lotus Word Pro filter multiple
vulnerabilities (CVE-2011-2685)

- 722075: LibreOffice: Out-of-bounds read in DOC sprm
(CVE-2011-2713)

This update also fixes the following non-security issues :

- 647959: LibO has a regression problem to show emf charts
properly.

- 650049: pptx presentation has text in boxes and circles.
Only text is displayed.

- 651250: Video and Audio does not play in slide show mode
of LibO Impress.

- 652562: LibreOffice crashes on start on 11.4-MS3 NET/DVD
install

- 653662: libreoffice build calls mkbundle2 (deprecated)
instead of mkbundle

- 663622: Writer crash during document save

- 665112: could not type or edit office document

- 675868: eliminate wording of ooconvert existed in
loconvert --help

- 675961: Libreoffice Copy paste of formula in Writer
tables does not work as expected

- 676858: Document with full page graphic in header will
not allow click-drag or right-click.

- 678998: Libre Office 3.3.1 does not detect KDE3

- 680272: Deleting multiple sheets results in run-time
error/crash

- 681738: DDE link is lost when .xls file is opened/saved
in Calc.

- 683578: Large xlsx file takes extremely long to open
with Libreoffice calc

- 684784: Microsoft Office spreadsheet does not display
anything

- 693238: Column format in docx file is not displayed
correctly.

- 693477: Format of Word .doc file from HP is bad.

- 694119: Using File-->Send-->Document as E-mail will
crash Impress

- 694344: 3rd level bulleted items are not displayed
properly.

- 695479: L3: RTF file is not displayed correctly by
Writer.

- 696630: DDE link from Calc to Excel needs Excel open to
update link in Calc.

- 702506: Writer crashes when opening docx files.

- 704639: HTML document appearance changes when opened in
open office vs LibreOffice

- 704642: 16 digit numbers change in LibreOffice when
opening a file created in MS Excel

- 705949: Information missing from MS Word document when
opened in LibreOffice (w:sdt)

- 706792: PTF 3.3.1-21 introduced a crash when opening a
pptx presentation.

- 707486: Macro from excel fails on Selection.Copy when
run in Calc.

- 707779: Disappearing text

- 708137: xls spreadsheet is extremely slow to open and
check boxes are broken.

- 708518: Bullet symbol is not rendered correctly in a
specific slide.

- 710061: ODP export to PDF produces broken images

- 710920: RPM installation ending with redundant error.

- 711977: File association for fod* files are missing.

- 712358: Some extensions broken after upgrading.

- 715268: Command libreoffice --help does not work when
LibreOffice is already started

- 715856: LibreOffice:Stable/libreoffice-converter: Bug

- 715416: Impress crashes starting Slide show in the
context of dual monitors extension mode.

- 715931: failed to save an odp file.

- 717262: libtool adds /usr/lib64 into rpath

See also :

http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html
http://www.libreoffice.org/download/3-4-new-features-and-fix
https://bugzilla.novell.com/show_bug.cgi?id=647959
https://bugzilla.novell.com/show_bug.cgi?id=650049
https://bugzilla.novell.com/show_bug.cgi?id=651250
https://bugzilla.novell.com/show_bug.cgi?id=652562
https://bugzilla.novell.com/show_bug.cgi?id=653662
https://bugzilla.novell.com/show_bug.cgi?id=663622
https://bugzilla.novell.com/show_bug.cgi?id=665112
https://bugzilla.novell.com/show_bug.cgi?id=675868
https://bugzilla.novell.com/show_bug.cgi?id=675961
https://bugzilla.novell.com/show_bug.cgi?id=676858
https://bugzilla.novell.com/show_bug.cgi?id=678998
https://bugzilla.novell.com/show_bug.cgi?id=680272
https://bugzilla.novell.com/show_bug.cgi?id=681738
https://bugzilla.novell.com/show_bug.cgi?id=683578
https://bugzilla.novell.com/show_bug.cgi?id=684784
https://bugzilla.novell.com/show_bug.cgi?id=693238
https://bugzilla.novell.com/show_bug.cgi?id=693477
https://bugzilla.novell.com/show_bug.cgi?id=694119
https://bugzilla.novell.com/show_bug.cgi?id=694344
https://bugzilla.novell.com/show_bug.cgi?id=695479
https://bugzilla.novell.com/show_bug.cgi?id=696630
https://bugzilla.novell.com/show_bug.cgi?id=702506
https://bugzilla.novell.com/show_bug.cgi?id=704311
https://bugzilla.novell.com/show_bug.cgi?id=704639
https://bugzilla.novell.com/show_bug.cgi?id=704642
https://bugzilla.novell.com/show_bug.cgi?id=705949
https://bugzilla.novell.com/show_bug.cgi?id=706792
https://bugzilla.novell.com/show_bug.cgi?id=707486
https://bugzilla.novell.com/show_bug.cgi?id=707779
https://bugzilla.novell.com/show_bug.cgi?id=708137
https://bugzilla.novell.com/show_bug.cgi?id=708518
https://bugzilla.novell.com/show_bug.cgi?id=710061
https://bugzilla.novell.com/show_bug.cgi?id=710920
https://bugzilla.novell.com/show_bug.cgi?id=711977
https://bugzilla.novell.com/show_bug.cgi?id=712358
https://bugzilla.novell.com/show_bug.cgi?id=715268
https://bugzilla.novell.com/show_bug.cgi?id=715416
https://bugzilla.novell.com/show_bug.cgi?id=715856
https://bugzilla.novell.com/show_bug.cgi?id=715931
https://bugzilla.novell.com/show_bug.cgi?id=717262

Solution :

Update the affected libreoffice-34 packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 75919 ()

Bugtraq ID:

CVE ID: CVE-2011-2685
CVE-2011-2713

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now