SuSE 11.3 Security Update : LibreOffice (SAT Patch Number 9677)

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.

Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

LibreOffice was updated to version (SUSE 4.0-patch26, tag
suse-4.0-26, based on upstream

Two security issues have been fixed :

- DOCM memory corruption vulnerability. (CVE-2013-4156,

- Data exposure using crafted OLE objects. (CVE-2014-3575,
bnc#893141) The following non-security issues have been
fixed :

- chart shown flipped. (bnc#834722)

- chart missing dataset. (bnc#839727)

- import new line in text. (bnc#828390)

- lines running off screens. (bnc#819614)

- add set-all language menu. (bnc#863021)

- text rotation. (bnc#783433, bnc#862510)

- page border shadow testcase. (bnc#817956)

- one more clickable field fix. (bnc#802888)

- multilevel labels are rotated. (bnc#820273)

- incorrect nested table margins. (bnc#816593)

- use BitmapURL only if its valid. (bnc#821567)

- import gradfill for text colors. (bnc#870234)

- fix undo of paragraph attributes. (bnc#828598)

- stop-gap solution to avoid crash. (bnc#830205)

- import images with duotone filter. (bnc#820077)

- missing drop downs for autofilter. (bnc#834705)

- typos in first page style creation. (bnc#820836)

- labels wrongly interpreted as dates. (bnc#834720)

- RTF import of fFilled shape property. (bnc#825305)

- placeholders text size is not correct. (bnc#831457)

- cells value formatted with wrong output. (bnc#821795)

- RTF import of freeform shape coordinates. (bnc#823655)

- styles (rename &) copy to different decks.

- XLSX Chart import with internal data table. (bnc#819822)

- handle M.d.yyyy date format in DOCX import. (bnc#820509)

- paragraph style in empty first page header. (bnc#823651)

- copying slides having same master page name.

- printing handouts using the default, 'Order'.

- wrap polygon was based on dest size of picture.

- added common flags support for SEQ field import.

- hyperlinks of illustration index in DOCX export.

- allow insertion of redlines with an empty author.

- handle drawinglayer rectangle inset in VML import.

- don't apply complex font size to non-complex font.

- issue with negative seeks in win32 shell extension.

- slide appears quite garbled when imported from PPTX.

- initial MCE support in writerfilter ooxml tokenizer.

- MSWord uses \xb for linebreaks in DB fields, take 2.

- try harder to convert floating tables to text frames.

- itemstate in parent style incorrectly reported as set.

- default color hidden by Default style in writerfilter.

- DOCX document crashes when using internal OOXML filter.

- ugly workaround for external leading with symbol fonts.

- followup fix for exported xlsx causes errors for
mso2007. (bnc#823935)

- we only support simple labels in the
InternalDataProvider. (bnc#864396)

- RTF import: fix import of numbering bullet associated
font. (bnc#823675)

- page specific footer extended to every pages in DOCX
export. (bnc#654230)

- v:textbox mso-fit-shape-to-text style property in VML
import. (bnc#820788)

- w:spacing in a paragraph should also apply to as-char
objects. (bnc#780044)

- compatibility setting for MS Word wrapping text in less
space. (bnc#822908)

- fix SwWrtShell::SelAll() to work with empty table at doc
start (bnc#825891)

See also :

Solution :

Apply SAT patch number 9677.

Risk factor :

Medium / CVSS Base Score : 6.8

Family: SuSE Local Security Checks

Nessus Plugin ID: 77663 ()

Bugtraq ID:

CVE ID: CVE-2013-4156

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now