openSUSE Security Update : LibreOffice (openSUSE-2016-871)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

LibreOffice was updated to version 5.1.3.2, bringing many new features
and bug fixes.

Two security issues have been fixed :

- CVE-2016-0795: LibreOffice allowed remote attackers to
cause a denial of service (memory corruption) or
possibly have unspecified other impact via a crafted
LwpTocSuperLayout record in a LotusWordPro (lwp)
document.

- CVE-2016-0794: The lwp filter in LibreOffice allowed
remote attackers to cause a denial of service (memory
corruption) or possibly have unspecified other impact
via a crafted LotusWordPro (lwp) document.

A comprehensive list of new features and improvements in this release
is provided by the Document Foundation at
https://wiki.documentfoundation.org/ReleaseNotes/5.1 .

This update was imported from the SUSE:SLE-12:Update project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=718113
https://bugzilla.opensuse.org/show_bug.cgi?id=856729
https://bugzilla.opensuse.org/show_bug.cgi?id=939998
https://bugzilla.opensuse.org/show_bug.cgi?id=945443
https://bugzilla.opensuse.org/show_bug.cgi?id=945445
https://bugzilla.opensuse.org/show_bug.cgi?id=955832
https://bugzilla.opensuse.org/show_bug.cgi?id=965294
https://bugzilla.opensuse.org/show_bug.cgi?id=965296
https://bugzilla.opensuse.org/show_bug.cgi?id=967014
https://bugzilla.opensuse.org/show_bug.cgi?id=967015
https://bugzilla.opensuse.org/show_bug.cgi?id=977784
https://features.opensuse.org/320521
https://wiki.documentfoundation.org/ReleaseNotes/5.1

Solution :

Update the affected LibreOffice packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 92310 ()

Bugtraq ID:

CVE ID: CVE-2016-0794
CVE-2016-0795

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now