SuSE 11.3 Security Update : LibreOffice (SAT Patch Number 9677)

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

LibreOffice was updated to version 4.0.3.3.26. (SUSE 4.0-patch26, tag
suse-4.0-26, based on upstream 4.0.3.3).

Two security issues have been fixed :

- DOCM memory corruption vulnerability. (CVE-2013-4156,
bnc#831578)

- Data exposure using crafted OLE objects. (CVE-2014-3575,
bnc#893141) The following non-security issues have been
fixed :

- chart shown flipped. (bnc#834722)

- chart missing dataset. (bnc#839727)

- import new line in text. (bnc#828390)

- lines running off screens. (bnc#819614)

- add set-all language menu. (bnc#863021)

- text rotation. (bnc#783433, bnc#862510)

- page border shadow testcase. (bnc#817956)

- one more clickable field fix. (bnc#802888)

- multilevel labels are rotated. (bnc#820273)

- incorrect nested table margins. (bnc#816593)

- use BitmapURL only if its valid. (bnc#821567)

- import gradfill for text colors. (bnc#870234)

- fix undo of paragraph attributes. (bnc#828598)

- stop-gap solution to avoid crash. (bnc#830205)

- import images with duotone filter. (bnc#820077)

- missing drop downs for autofilter. (bnc#834705)

- typos in first page style creation. (bnc#820836)

- labels wrongly interpreted as dates. (bnc#834720)

- RTF import of fFilled shape property. (bnc#825305)

- placeholders text size is not correct. (bnc#831457)

- cells value formatted with wrong output. (bnc#821795)

- RTF import of freeform shape coordinates. (bnc#823655)

- styles (rename &) copy to different decks.
(bnc#757432)

- XLSX Chart import with internal data table. (bnc#819822)

- handle M.d.yyyy date format in DOCX import. (bnc#820509)

- paragraph style in empty first page header. (bnc#823651)

- copying slides having same master page name.
(bnc#753460)

- printing handouts using the default, 'Order'.
(bnc#835985)

- wrap polygon was based on dest size of picture.
(bnc#820800)

- added common flags support for SEQ field import.
(bnc#825976)

- hyperlinks of illustration index in DOCX export.
(bnc#834035)

- allow insertion of redlines with an empty author.
(bnc#837302)

- handle drawinglayer rectangle inset in VML import.
(bnc#779642)

- don't apply complex font size to non-complex font.
(bnc#820819)

- issue with negative seeks in win32 shell extension.
(bnc#829017)

- slide appears quite garbled when imported from PPTX.
(bnc#593612)

- initial MCE support in writerfilter ooxml tokenizer.
(bnc#820503)

- MSWord uses \xb for linebreaks in DB fields, take 2.
(bnc#878854)

- try harder to convert floating tables to text frames.
(bnc#779620)

- itemstate in parent style incorrectly reported as set.
(bnc#819865)

- default color hidden by Default style in writerfilter.
(bnc#820504)

- DOCX document crashes when using internal OOXML filter.
(bnc#382137)

- ugly workaround for external leading with symbol fonts.
(bnc#823626)

- followup fix for exported xlsx causes errors for
mso2007. (bnc#823935)

- we only support simple labels in the
InternalDataProvider. (bnc#864396)

- RTF import: fix import of numbering bullet associated
font. (bnc#823675)

- page specific footer extended to every pages in DOCX
export. (bnc#654230)

- v:textbox mso-fit-shape-to-text style property in VML
import. (bnc#820788)

- w:spacing in a paragraph should also apply to as-char
objects. (bnc#780044)

- compatibility setting for MS Word wrapping text in less
space. (bnc#822908)

- fix SwWrtShell::SelAll() to work with empty table at doc
start (bnc#825891)

See also :

https://bugzilla.novell.com/show_bug.cgi?id=382137
https://bugzilla.novell.com/show_bug.cgi?id=593612
https://bugzilla.novell.com/show_bug.cgi?id=654230
https://bugzilla.novell.com/show_bug.cgi?id=753460
https://bugzilla.novell.com/show_bug.cgi?id=757432
https://bugzilla.novell.com/show_bug.cgi?id=779620
https://bugzilla.novell.com/show_bug.cgi?id=779642
https://bugzilla.novell.com/show_bug.cgi?id=780044
https://bugzilla.novell.com/show_bug.cgi?id=783433
https://bugzilla.novell.com/show_bug.cgi?id=802888
https://bugzilla.novell.com/show_bug.cgi?id=816593
https://bugzilla.novell.com/show_bug.cgi?id=817956
https://bugzilla.novell.com/show_bug.cgi?id=819614
https://bugzilla.novell.com/show_bug.cgi?id=819822
https://bugzilla.novell.com/show_bug.cgi?id=819865
https://bugzilla.novell.com/show_bug.cgi?id=820077
https://bugzilla.novell.com/show_bug.cgi?id=820273
https://bugzilla.novell.com/show_bug.cgi?id=820503
https://bugzilla.novell.com/show_bug.cgi?id=820504
https://bugzilla.novell.com/show_bug.cgi?id=820509
https://bugzilla.novell.com/show_bug.cgi?id=820788
https://bugzilla.novell.com/show_bug.cgi?id=820800
https://bugzilla.novell.com/show_bug.cgi?id=820819
https://bugzilla.novell.com/show_bug.cgi?id=820836
https://bugzilla.novell.com/show_bug.cgi?id=821567
https://bugzilla.novell.com/show_bug.cgi?id=821795
https://bugzilla.novell.com/show_bug.cgi?id=822908
https://bugzilla.novell.com/show_bug.cgi?id=823626
https://bugzilla.novell.com/show_bug.cgi?id=823651
https://bugzilla.novell.com/show_bug.cgi?id=823655
https://bugzilla.novell.com/show_bug.cgi?id=823675
https://bugzilla.novell.com/show_bug.cgi?id=823935
https://bugzilla.novell.com/show_bug.cgi?id=825305
https://bugzilla.novell.com/show_bug.cgi?id=825891
https://bugzilla.novell.com/show_bug.cgi?id=825976
https://bugzilla.novell.com/show_bug.cgi?id=828390
https://bugzilla.novell.com/show_bug.cgi?id=828598
https://bugzilla.novell.com/show_bug.cgi?id=829017
https://bugzilla.novell.com/show_bug.cgi?id=830205
https://bugzilla.novell.com/show_bug.cgi?id=831457
https://bugzilla.novell.com/show_bug.cgi?id=831578
https://bugzilla.novell.com/show_bug.cgi?id=834035
https://bugzilla.novell.com/show_bug.cgi?id=834705
https://bugzilla.novell.com/show_bug.cgi?id=834720
https://bugzilla.novell.com/show_bug.cgi?id=834722
https://bugzilla.novell.com/show_bug.cgi?id=835985
https://bugzilla.novell.com/show_bug.cgi?id=837302
https://bugzilla.novell.com/show_bug.cgi?id=839727
https://bugzilla.novell.com/show_bug.cgi?id=862510
https://bugzilla.novell.com/show_bug.cgi?id=863021
https://bugzilla.novell.com/show_bug.cgi?id=864396
https://bugzilla.novell.com/show_bug.cgi?id=870234
https://bugzilla.novell.com/show_bug.cgi?id=878854
https://bugzilla.novell.com/show_bug.cgi?id=893141
http://support.novell.com/security/cve/CVE-2013-4156.html
http://support.novell.com/security/cve/CVE-2014-3575.html

Solution :

Apply SAT patch number 9677.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 77663 ()

Bugtraq ID:

CVE ID: CVE-2013-4156
CVE-2014-3575

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now