openSUSE Security Update : LibreOffice and related libraries (openSUSE-2016-273)

High Nessus Plugin ID 89016


The remote openSUSE host is missing a security update.


This update for LibreOffice and some library dependencies (cmis-client, libetonyek, libmwaw, libodfgen, libpagemaker, libreoffice-share-linker, mdds, libwps) fixes the following issues :

Changes in libreoffice :

- Provide l10n-pt from pt-PT

- boo#945047 - LO-L3: LO is duplicating master pages, extended fix

- boo#951579 - LO-L3: [LibreOffice] Calc 5.0 fails to open ods files

- deleted RPATH prevented loading of bundled 3rd party RDF handler libs

- Version update to :

- Final of the 5.0.4 series

- boo#945047 - LO-L3: LO is duplicating master pages

- Version update to :

- rc1 of 5.0.4 with various regression fixes

- boo#954345 - LO-L3: Insert-->Image-->Insert as Link hangs writer

- Version update to :

- Final tag of 5.0.3 release

- Fix boo#939996 - LO-L3: Some bits from DOCX file are not imported

- Fix boo#889755 - LO-L3: PPTX: chart axis number format incorrect

- boo#679938 - LO-L3: saving to doc file the chapter name in the header does not change with chapters

- Version update to 5.0.3RC1 as it should fix i586 test failure

- Update text2number extension to 1.5.0

- obsolete libreoffice-mono

- pentaho-flow-reporting require is conditional on system_libs

- Update icon theme dependencies


- Version bump to 5.0.2 final fate#318856 fate#319071 boo#943075 boo#945692 :

- Small tweaks compared to rc1

- For sake of completion this release also contains security fixes for boo#910806 CVE-2014-8147, boo#907636 CVE-2014-9093, boo#934423 CVE-2015-4551, boo#910805 CVE-2014-8146, boo#940838 CVE-2015-5214, boo#936190 CVE-2015-5213, boo#936188 CVE-2015-5212, boo#934423 CVE-2015-45513, boo#934423 CVE-2015-4551, boo#910805 CVE-2014-8146, boo#940838 CVE-2015-5214, boo#936190 CVE-2015-5213, boo#936188 CVE-2015-5212, boo#934423 CVE-2015-45513, boo#934423 CVE-2015-4551, boo#910805 CVE-2014-8146, boo#940838 CVE-2015-5214, boo#936190 CVE-2015-5213, boo#936188 CVE-2015-5212, boo#934423 CVE-2015-4551

- Use gcc48 to build on sle11sp4

- Make debuginfo's smaller on IBS.

- Fix chrpath call after the libs got -lo suffixing

- Add patch to fix qt4 features detection :

- kde4filepicker.patch

- Split out gtk3 UI to separate subpkg that requires gnome subpkg

- This is to allow people to test gtk3 while it not being default

- Version update to 5.0.2 rc1 :

- Various small tweaks and integration of our SLE11 patchsets

- Update constraints to 30 GB on disk

- Version bump to 5.0.1 rc2 :

- breeze icons extension

- Credits update

- Various small fixes

- Version bump to 5.0.1 rc1 :

- Various small fixes

- Has some commits around screen rendering -> could fix kde bugs

- Kill branding-openSUSE, stick to TDF branding.

- Version bump to 5.0 rc5 :

- Bunch of final touchups here and there

- Remove some upstreamed patches :

- old-cairo.patch

- Add explicit requires over libmysqlclient_r18, should cover boo#829430

- Add patch to build with old cairo (sle11).

- Version bump to 5.0 rc3 :

- Various more fixes closing on the 5.0 release

- Update to 5.0 rc2 :

- Few small fixes and updates in internal libraries

- Version bump to 5.0 rc1, remove obsolete patches :

- 0001-Fix-could-not-convert-.-const-char-to-const-rtl-OUS t.patch

- 0001-writerperfect-fix-gcc-4.7-build.patch

- More chrpat love for sle11

- Add python-importlib to build/requirements on py2 distros

- Provide/obsolete crystal icons so they are purged and not left over

- Fix breeze icons handling, drop crystal icons.

- Version bump to 5.0.0.beta3 :

- Drop merged patch 0001-Make-cpp-poppler-version.h-header-optional.patch

- Update some internal tarballs so we keep building

- based on these bumps update the buildrequires too

- Generate python cache files wrt boo#929793

- Update %post scriptlets to work on sle11 again

- Split out the share -> lib linker to hopefully allow sle11 build

- One more fix for help handling boo#915996

- Version bump to 4.4.3 release :

- Various small fixes all around

- Disable verbose build to pass check on maximal size of log

- We need pre/post for libreoffice in langpkgs

- Use old java for detection and old commons-lang/codec to pass brp check on java from sle11

- 0001-Make-HAVE_JAVA6-be-always-false.patch

- Revert last changeset, it is caused by something else this time :

- 0001-Set-source-and-target-params-for-java.patch

- Set source/target for javac when building to work on SLE11 :

- 0001-Set-source-and-target-params-for-java.patch

- Try to deal with rpath on bundled libs

- Fix python3_sitelib not being around for py2

- Add internal make for too old system

- One more stab on poppler switch :

- 0001-Make-cpp-poppler-version.h-header-optional.patch

- Update the old-poppler patch to work correctly :

- 0001-Make-cpp-poppler-version.h-header-optional.patch

- Sort out more external tarballs for the no-system-libs approach

- Add basic external tarballs needed for without-system-libraries

- Add patch to check for poppler more nicely to work on older distros :

- 0001-Make-cpp-poppler-version.h-header-optional.patch

- Try to pass configure without system libs

- Allow switch between py2 and py3

- Move external dependencies in conditional thus allow build on SLE11

- Add conditional for noarch subpackages

- Add switch in configure to detect more of internal/external stuff

- Add conditional for appdatastore thing and redo it to impact the spec less

- Add systemlibs switch to be used in attempt to build sle11 build

- Silence more scarry messages by boo#900186

- Fixes autocorr symlinking

- Cleans UNO cache in more pretty way

- Clean up the uno cache removal to not display scarry message boo#900186

- Remove patch to look for help in /usr/share, we symlink it back to lib, so there is no actual need to search for it directly, migth fix boo#915996 :

- officecfg-help-in-usr-share.diff

- --disable-collada

- reportedly it does not work in LibreOffice 4.4

- added version numbers to some BuildRequires lines

- Require flow engine too on base

- Fix build on SLE12 and 13.1 by adding conditional for appdata install

- Fixup the installed appdata.xml files: they reference a .desktop file that are not installed by libreoffice (boo#926375).

- Version bump to 4.4.2 :

- 2nd bugfix update for the 4.4 series

- BuildRequires: libodfgen-devel >= 0.1

- added version numbers to some BuildRequires lines

- build does not require python3-lxml

- build requires librevenge-devel >= 0.0.1

- vlc media backend is broken, don't use it. Only gstreamer should be used.

- Install the .appdata.xml files shipped by upstream:
allow LO to be shown in AppStream based software centers.

- Move pretrans to pre

- Version bump to 4.4.1 first bugfix release of the series

- Reduce bit the compilation preparations as we prepped most of the things by _constraints and it is no longer needed

- %pre is not enough the script needs to be rewritten in lua

- Move removal of obsolete dirs from %pretrans to %pre boo#916181

- Version bump to 4.4.0 final :

- First in the 4.4 series

- First release to have the new UI elements without old hardcoded sizes

- Various improvements all around.

- Version bump to 4.4.0rc2 :

- Various bugfixes, just bumping to see if we still build fine.

- That verbose switch for configure was really really bad idea

- generic for galaxy icons seem gone so remove

- Do not supplement kde3 stuff, it is way beyond obsolete

- Remove vlc conditional

- korea.xcd is no more so remove

- Really use mergelib

- Disable telepathy, it really is experimental like hell

- Version bump to 4.4.0rc1 :

- New 4.4 branch release with additional features

- Enable collada :

- New bundled collada2gltf tarball:
4b87018f7fff1d054939d19920b751a0-collada2gltf-master-cb1 d97788a.tar.bz2

- Remove errorous self-obsolete in lang pkgs.

- Version bump to :

- Various bugfixes from maintenance branch to copy openSUSE.

- Also contains fix for boo#900214 and boo#900218 CVE-2014-3693

- fix regression in bullets (boo#897903).

- Add masterpage_style_parent.odp as new file for regression test for bullets. Changes in cmis-client :

- Update to version 0.5.0

+ Completely removed the dependency on InMemory server for unit tests

+ Minimized the number of HTTP requests sent by SessionFactory::createSession

+ Added Session::getBaseTypes()

- Bump soname to 0_5-5

- Bump incname to 0.5

Changes in libetonyek :

- Version bump to 0.1.3 :

- Various small fixes

- More imported now imported

- Now use mdds to help with some hashing

- Version bump to 0.1.2 :

- Initial support for pages and numbers

- Ditch libetonyek-0.1.1-constants.patch as we do not require us to build for older boost

Changes in libmwaw :

- Version bump to 0.3.6 :

- Added a minimal parser for ApplePict v1.v2, ie. no clipping, does not take in account the copy mode:
srcCopy, srcOr, ...

- Extended the --with-docs configure option to allow to build doc only for the API classes:
--with-docs=no|api|full .

- Added a parser for MacDraft v4-v5 documents.

- RagTime v5-v6 parser: try to retrieve the main layouts and the picture/shape/textbox, ie. now, it generates result but it is still very imcomplete...

- MWAW{Graphic,Presentation,Text}Listener: corrected a problem in openGroup which may create to incorrect document.

- Created an MWAWEmbeddedObject class to store a picture with various representations.

- MWAW*Listener: renamed insertPicture to insertShape, added a function to insert a texbox in a MWAWGraphicShape (which only insert a basic textbox).

- Fixed many crashes and hangs when importing broken files, found with the help of american-fuzzy-lop.

- And several other minor fixes and improvements.

- Version bump to 0.3.5

- Various small fixes on 0.3 series, nothing big woth mention

Changes in libodfgen :

- Version bump to 0.1.4 :

- drawing interface: do no forget to call startDocument/endDocument when writing in the manifest

- metadata: added handler for 'template' metadata, unknown metadata are written in a meta:user-defined elements,

- defineSheetNumberingStyle: can now define styles for the whole document (and not only for the actual sheet)

- update doxygen configuration file + add a make astyle command

- Allow writing meta:creation-date metadata element for drawings and presentations too.

- Improve handling of headings. Most importantly, write valid ODF.

- Write meta:generator metadata element.

- Add initial support for embedded fonts. It is currently limited to Flat ODF output.

- Upgrade to version 0.1.2

- Use text:h element for headings. Any paragraph with text:outline-level property is recognized as a heading.

- Handle layers.

- Improve handling of styles. Particularly, do not emit duplicate styles.

- Slightly improve documentation.

- Handle master pages.

- Do not expect that integer properties are always in inches.

- Fix misspelled style:paragraph-properties element in presentation notes.

- Only export public symbols on Linux.

- Fix bogus XML-escaping of metadata values.

- And many other improvements and fixes.

Changes in libpagemaker :

- Initial package based on upstream libpagemaker 0.0.2

Changes in libreoffice-share-linker :

- Initial commit, split out from main libreoffice package to workaround issues on SLE11 build Changes in mdds :

- Update to version 0.12.1 :

- Various small fixes on 0.12 series

- Just move define up and comment why we redefine docdir

- more types are possible in segment_tree data structures (previously only pointers were possible)

- added sorted_string_map

- multi_type_vector bugfixes Changes in libwps :

- Update to version 0.4.1 :

+ QuattroPro: correct a mistake when reading negative cell's position.

+ Fix some Windows build problems.

+ Fix more than 10 hangs when reading damaged files, found with the help of american-fuzzy-lop.

+ Performance: improve the sheet's output generation.

+ add support for unknown encoding files (ie. DOS file)

+ add potential support for converting Lotus, ...

+ accept to convert all Lotus Wk1 files and Symphony Wk1 files,

+ add support for Lotus Wk3 and Wk4 documents,

+ add support for Quattro Pro Wq1 and Wq2 documents,

+ only in debug mode, add pre-support for Lotus Wk5..., must allow to retrieve the main sheets content's with no formatting,

+ add potential support for asking the document's password ( but do nothing )

+ correct some compiler warnings when compiling in debug mode.

+ Fix parsing of floating-point numbers in specific cases.

+ Fix several minor issues reported by Coverity and Clang.

+ Check arguments of public functions. Passing NULL no longer causes a crash.

+ Use symbol visibility on Linux. The library only exports the public functions now.

+ Import @TERM and @CTERM functions (fdo#86241).

+ Handle LICS character encoding in spreadsheets (fdo#87222).

+ Fix a crash when reading a broken file, found with the help of american-fuzzy-lop.


Update the affected LibreOffice and related libraries packages.

See Also

Plugin Details

Severity: High

ID: 89016

File Name: openSUSE-2016-273.nasl

Version: $Revision: 2.1 $

Type: local

Agent: unix

Published: 2016/02/29

Modified: 2016/02/29

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:cmis-client, p-cpe:/a:novell:opensuse:cmis-client-debuginfo, p-cpe:/a:novell:opensuse:cmis-client-debugsource, p-cpe:/a:novell:opensuse:libcmis-0_5-5, p-cpe:/a:novell:opensuse:libcmis-0_5-5-debuginfo, p-cpe:/a:novell:opensuse:libcmis-c-0_5-5, p-cpe:/a:novell:opensuse:libcmis-c-0_5-5-debuginfo, p-cpe:/a:novell:opensuse:libcmis-c-devel, p-cpe:/a:novell:opensuse:libcmis-devel, p-cpe:/a:novell:opensuse:libetonyek-0_1-1, p-cpe:/a:novell:opensuse:libetonyek-0_1-1-debuginfo, p-cpe:/a:novell:opensuse:libetonyek-debugsource, p-cpe:/a:novell:opensuse:libetonyek-devel, p-cpe:/a:novell:opensuse:libetonyek-tools, p-cpe:/a:novell:opensuse:libetonyek-tools-debuginfo, p-cpe:/a:novell:opensuse:libmwaw-0_3-3, p-cpe:/a:novell:opensuse:libmwaw-0_3-3-debuginfo, p-cpe:/a:novell:opensuse:libmwaw-debugsource, p-cpe:/a:novell:opensuse:libmwaw-devel, p-cpe:/a:novell:opensuse:libmwaw-tools, p-cpe:/a:novell:opensuse:libmwaw-tools-debuginfo, p-cpe:/a:novell:opensuse:libodfgen-0_1-1, p-cpe:/a:novell:opensuse:libodfgen-0_1-1-debuginfo, p-cpe:/a:novell:opensuse:libodfgen-debugsource, p-cpe:/a:novell:opensuse:libodfgen-devel, p-cpe:/a:novell:opensuse:libpagemaker-0_0-0, p-cpe:/a:novell:opensuse:libpagemaker-0_0-0-debuginfo, p-cpe:/a:novell:opensuse:libpagemaker-debugsource, p-cpe:/a:novell:opensuse:libpagemaker-devel, p-cpe:/a:novell:opensuse:libpagemaker-tools, p-cpe:/a:novell:opensuse:libpagemaker-tools-debuginfo, p-cpe:/a:novell:opensuse:libreoffice, p-cpe:/a:novell:opensuse:libreoffice-base, p-cpe:/a:novell:opensuse:libreoffice-base-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-branding-upstream, p-cpe:/a:novell:opensuse:libreoffice-calc, p-cpe:/a:novell:opensuse:libreoffice-calc-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-calc-extensions, p-cpe:/a:novell:opensuse:libreoffice-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-debugsource, p-cpe:/a:novell:opensuse:libreoffice-draw, p-cpe:/a:novell:opensuse:libreoffice-draw-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-filters-optional, p-cpe:/a:novell:opensuse:libreoffice-gnome, p-cpe:/a:novell:opensuse:libreoffice-gnome-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-gtk3, p-cpe:/a:novell:opensuse:libreoffice-gtk3-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-breeze, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-galaxy, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-hicontrast, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-oxygen, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-sifr, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-tango, p-cpe:/a:novell:opensuse:libreoffice-impress, p-cpe:/a:novell:opensuse:libreoffice-impress-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-kde4, p-cpe:/a:novell:opensuse:libreoffice-kde4-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-l10n-af, p-cpe:/a:novell:opensuse:libreoffice-l10n-ar, p-cpe:/a:novell:opensuse:libreoffice-l10n-as, p-cpe:/a:novell:opensuse:libreoffice-l10n-bg, p-cpe:/a:novell:opensuse:libreoffice-l10n-bn, p-cpe:/a:novell:opensuse:libreoffice-l10n-br, p-cpe:/a:novell:opensuse:libreoffice-l10n-ca, p-cpe:/a:novell:opensuse:libreoffice-l10n-cs, p-cpe:/a:novell:opensuse:libreoffice-l10n-cy, p-cpe:/a:novell:opensuse:libreoffice-l10n-da, p-cpe:/a:novell:opensuse:libreoffice-l10n-de, p-cpe:/a:novell:opensuse:libreoffice-l10n-dz, p-cpe:/a:novell:opensuse:libreoffice-l10n-el, p-cpe:/a:novell:opensuse:libreoffice-l10n-en, p-cpe:/a:novell:opensuse:libreoffice-l10n-es, p-cpe:/a:novell:opensuse:libreoffice-l10n-et, p-cpe:/a:novell:opensuse:libreoffice-l10n-eu, p-cpe:/a:novell:opensuse:libreoffice-l10n-fa, p-cpe:/a:novell:opensuse:libreoffice-l10n-fi, p-cpe:/a:novell:opensuse:libreoffice-l10n-fr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ga, p-cpe:/a:novell:opensuse:libreoffice-l10n-gl, p-cpe:/a:novell:opensuse:libreoffice-l10n-gu, p-cpe:/a:novell:opensuse:libreoffice-l10n-he, p-cpe:/a:novell:opensuse:libreoffice-l10n-hi, p-cpe:/a:novell:opensuse:libreoffice-l10n-hr, p-cpe:/a:novell:opensuse:libreoffice-l10n-hu, p-cpe:/a:novell:opensuse:libreoffice-l10n-it, p-cpe:/a:novell:opensuse:libreoffice-l10n-ja, p-cpe:/a:novell:opensuse:libreoffice-l10n-kk, p-cpe:/a:novell:opensuse:libreoffice-l10n-kn, p-cpe:/a:novell:opensuse:libreoffice-l10n-ko, p-cpe:/a:novell:opensuse:libreoffice-l10n-lt, p-cpe:/a:novell:opensuse:libreoffice-l10n-lv, p-cpe:/a:novell:opensuse:libreoffice-l10n-mai, p-cpe:/a:novell:opensuse:libreoffice-l10n-ml, p-cpe:/a:novell:opensuse:libreoffice-l10n-mr, p-cpe:/a:novell:opensuse:libreoffice-l10n-nb, p-cpe:/a:novell:opensuse:libreoffice-l10n-nl, p-cpe:/a:novell:opensuse:libreoffice-l10n-nn, p-cpe:/a:novell:opensuse:libreoffice-l10n-nr, p-cpe:/a:novell:opensuse:libreoffice-l10n-nso, p-cpe:/a:novell:opensuse:libreoffice-l10n-or, p-cpe:/a:novell:opensuse:libreoffice-l10n-pa, p-cpe:/a:novell:opensuse:libreoffice-l10n-pl, p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-BR, p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-PT, p-cpe:/a:novell:opensuse:libreoffice-l10n-ro, p-cpe:/a:novell:opensuse:libreoffice-l10n-ru, p-cpe:/a:novell:opensuse:libreoffice-l10n-si, p-cpe:/a:novell:opensuse:libreoffice-l10n-sk, p-cpe:/a:novell:opensuse:libreoffice-l10n-sl, p-cpe:/a:novell:opensuse:libreoffice-l10n-sr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ss, p-cpe:/a:novell:opensuse:libreoffice-l10n-st, p-cpe:/a:novell:opensuse:libreoffice-l10n-sv, p-cpe:/a:novell:opensuse:libreoffice-l10n-ta, p-cpe:/a:novell:opensuse:libreoffice-l10n-te, p-cpe:/a:novell:opensuse:libreoffice-l10n-th, p-cpe:/a:novell:opensuse:libreoffice-l10n-tn, p-cpe:/a:novell:opensuse:libreoffice-l10n-tr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ts, p-cpe:/a:novell:opensuse:libreoffice-l10n-uk, p-cpe:/a:novell:opensuse:libreoffice-l10n-ve, p-cpe:/a:novell:opensuse:libreoffice-l10n-xh, p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-Hans, p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-Hant, p-cpe:/a:novell:opensuse:libreoffice-l10n-zu, p-cpe:/a:novell:opensuse:libreoffice-mailmerge, p-cpe:/a:novell:opensuse:libreoffice-math, p-cpe:/a:novell:opensuse:libreoffice-math-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-officebean, p-cpe:/a:novell:opensuse:libreoffice-officebean-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-pyuno, p-cpe:/a:novell:opensuse:libreoffice-pyuno-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-sdk, p-cpe:/a:novell:opensuse:libreoffice-sdk-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-share-linker, p-cpe:/a:novell:opensuse:libreoffice-writer, p-cpe:/a:novell:opensuse:libreoffice-writer-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-writer-extensions, p-cpe:/a:novell:opensuse:libwps-0_4-4, p-cpe:/a:novell:opensuse:libwps-0_4-4-debuginfo, p-cpe:/a:novell:opensuse:libwps-debugsource, p-cpe:/a:novell:opensuse:libwps-devel, p-cpe:/a:novell:opensuse:libwps-tools, p-cpe:/a:novell:opensuse:libwps-tools-debuginfo, p-cpe:/a:novell:opensuse:mdds-devel, cpe:/o:novell:opensuse:13.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2016/02/25

Reference Information

CVE: CVE-2014-3693, CVE-2014-8146, CVE-2014-8147, CVE-2014-9093, CVE-2015-4551, CVE-2015-45513, CVE-2015-5212, CVE-2015-5213, CVE-2015-5214