openSUSE Security Update : LibreOffice and related libraries (openSUSE-2016-273)

high Nessus Plugin ID 89016
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.


The remote openSUSE host is missing a security update.


This update for LibreOffice and some library dependencies (cmis-client, libetonyek, libmwaw, libodfgen, libpagemaker, libreoffice-share-linker, mdds, libwps) fixes the following issues :

Changes in libreoffice :

- Provide l10n-pt from pt-PT

- boo#945047 - LO-L3: LO is duplicating master pages, extended fix

- boo#951579 - LO-L3: [LibreOffice] Calc 5.0 fails to open ods files

- deleted RPATH prevented loading of bundled 3rd party RDF handler libs

- Version update to :

- Final of the 5.0.4 series

- boo#945047 - LO-L3: LO is duplicating master pages

- Version update to :

- rc1 of 5.0.4 with various regression fixes

- boo#954345 - LO-L3: Insert-->Image-->Insert as Link hangs writer

- Version update to :

- Final tag of 5.0.3 release

- Fix boo#939996 - LO-L3: Some bits from DOCX file are not imported

- Fix boo#889755 - LO-L3: PPTX: chart axis number format incorrect

- boo#679938 - LO-L3: saving to doc file the chapter name in the header does not change with chapters

- Version update to 5.0.3RC1 as it should fix i586 test failure

- Update text2number extension to 1.5.0

- obsolete libreoffice-mono

- pentaho-flow-reporting require is conditional on system_libs

- Update icon theme dependencies


- Version bump to 5.0.2 final fate#318856 fate#319071 boo#943075 boo#945692 :

- Small tweaks compared to rc1

- For sake of completion this release also contains security fixes for boo#910806 CVE-2014-8147, boo#907636 CVE-2014-9093, boo#934423 CVE-2015-4551, boo#910805 CVE-2014-8146, boo#940838 CVE-2015-5214, boo#936190 CVE-2015-5213, boo#936188 CVE-2015-5212, boo#934423 CVE-2015-45513, boo#934423 CVE-2015-4551, boo#910805 CVE-2014-8146, boo#940838 CVE-2015-5214, boo#936190 CVE-2015-5213, boo#936188 CVE-2015-5212, boo#934423 CVE-2015-45513, boo#934423 CVE-2015-4551, boo#910805 CVE-2014-8146, boo#940838 CVE-2015-5214, boo#936190 CVE-2015-5213, boo#936188 CVE-2015-5212, boo#934423 CVE-2015-4551

- Use gcc48 to build on sle11sp4

- Make debuginfo's smaller on IBS.

- Fix chrpath call after the libs got -lo suffixing

- Add patch to fix qt4 features detection :

- kde4filepicker.patch

- Split out gtk3 UI to separate subpkg that requires gnome subpkg

- This is to allow people to test gtk3 while it not being default

- Version update to 5.0.2 rc1 :

- Various small tweaks and integration of our SLE11 patchsets

- Update constraints to 30 GB on disk

- Version bump to 5.0.1 rc2 :

- breeze icons extension

- Credits update

- Various small fixes

- Version bump to 5.0.1 rc1 :

- Various small fixes

- Has some commits around screen rendering -> could fix kde bugs

- Kill branding-openSUSE, stick to TDF branding.

- Version bump to 5.0 rc5 :

- Bunch of final touchups here and there

- Remove some upstreamed patches :

- old-cairo.patch

- Add explicit requires over libmysqlclient_r18, should cover boo#829430

- Add patch to build with old cairo (sle11).

- Version bump to 5.0 rc3 :

- Various more fixes closing on the 5.0 release

- Update to 5.0 rc2 :

- Few small fixes and updates in internal libraries

- Version bump to 5.0 rc1, remove obsolete patches :

- 0001-Fix-could-not-convert-.-const-char-to-const-rtl-OUS t.patch

- 0001-writerperfect-fix-gcc-4.7-build.patch

- More chrpat love for sle11

- Add python-importlib to build/requirements on py2 distros

- Provide/obsolete crystal icons so they are purged and not left over

- Fix breeze icons handling, drop crystal icons.

- Version bump to 5.0.0.beta3 :

- Drop merged patch 0001-Make-cpp-poppler-version.h-header-optional.patch

- Update some internal tarballs so we keep building

- based on these bumps update the buildrequires too

- Generate python cache files wrt boo#929793

- Update %post scriptlets to work on sle11 again

- Split out the share -> lib linker to hopefully allow sle11 build

- One more fix for help handling boo#915996

- Version bump to 4.4.3 release :

- Various small fixes all around

- Disable verbose build to pass check on maximal size of log

- We need pre/post for libreoffice in langpkgs

- Use old java for detection and old commons-lang/codec to pass brp check on java from sle11

- 0001-Make-HAVE_JAVA6-be-always-false.patch

- Revert last changeset, it is caused by something else this time :

- 0001-Set-source-and-target-params-for-java.patch

- Set source/target for javac when building to work on SLE11 :

- 0001-Set-source-and-target-params-for-java.patch

- Try to deal with rpath on bundled libs

- Fix python3_sitelib not being around for py2

- Add internal make for too old system

- One more stab on poppler switch :

- 0001-Make-cpp-poppler-version.h-header-optional.patch

- Update the old-poppler patch to work correctly :

- 0001-Make-cpp-poppler-version.h-header-optional.patch

- Sort out more external tarballs for the no-system-libs approach

- Add basic external tarballs needed for without-system-libraries

- Add patch to check for poppler more nicely to work on older distros :

- 0001-Make-cpp-poppler-version.h-header-optional.patch

- Try to pass configure without system libs

- Allow switch between py2 and py3

- Move external dependencies in conditional thus allow build on SLE11

- Add conditional for noarch subpackages

- Add switch in configure to detect more of internal/external stuff

- Add conditional for appdatastore thing and redo it to impact the spec less

- Add systemlibs switch to be used in attempt to build sle11 build

- Silence more scarry messages by boo#900186

- Fixes autocorr symlinking

- Cleans UNO cache in more pretty way

- Clean up the uno cache removal to not display scarry message boo#900186

- Remove patch to look for help in /usr/share, we symlink it back to lib, so there is no actual need to search for it directly, migth fix boo#915996 :

- officecfg-help-in-usr-share.diff

- --disable-collada

- reportedly it does not work in LibreOffice 4.4

- added version numbers to some BuildRequires lines

- Require flow engine too on base

- Fix build on SLE12 and 13.1 by adding conditional for appdata install

- Fixup the installed appdata.xml files: they reference a .desktop file that are not installed by libreoffice (boo#926375).

- Version bump to 4.4.2 :

- 2nd bugfix update for the 4.4 series

- BuildRequires: libodfgen-devel >= 0.1

- added version numbers to some BuildRequires lines

- build does not require python3-lxml

- build requires librevenge-devel >= 0.0.1

- vlc media backend is broken, don't use it. Only gstreamer should be used.

- Install the .appdata.xml files shipped by upstream:
allow LO to be shown in AppStream based software centers.

- Move pretrans to pre

- Version bump to 4.4.1 first bugfix release of the series

- Reduce bit the compilation preparations as we prepped most of the things by _constraints and it is no longer needed

- %pre is not enough the script needs to be rewritten in lua

- Move removal of obsolete dirs from %pretrans to %pre boo#916181

- Version bump to 4.4.0 final :

- First in the 4.4 series

- First release to have the new UI elements without old hardcoded sizes

- Various improvements all around.

- Version bump to 4.4.0rc2 :

- Various bugfixes, just bumping to see if we still build fine.

- That verbose switch for configure was really really bad idea

- generic for galaxy icons seem gone so remove

- Do not supplement kde3 stuff, it is way beyond obsolete

- Remove vlc conditional

- korea.xcd is no more so remove

- Really use mergelib

- Disable telepathy, it really is experimental like hell

- Version bump to 4.4.0rc1 :

- New 4.4 branch release with additional features

- Enable collada :

- New bundled collada2gltf tarball:
4b87018f7fff1d054939d19920b751a0-collada2gltf-master-cb1 d97788a.tar.bz2

- Remove errorous self-obsolete in lang pkgs.

- Version bump to :

- Various bugfixes from maintenance branch to copy openSUSE.

- Also contains fix for boo#900214 and boo#900218 CVE-2014-3693

- fix regression in bullets (boo#897903).

- Add masterpage_style_parent.odp as new file for regression test for bullets. Changes in cmis-client :

- Update to version 0.5.0

+ Completely removed the dependency on InMemory server for unit tests

+ Minimized the number of HTTP requests sent by SessionFactory::createSession

+ Added Session::getBaseTypes()

- Bump soname to 0_5-5

- Bump incname to 0.5

Changes in libetonyek :

- Version bump to 0.1.3 :

- Various small fixes

- More imported now imported

- Now use mdds to help with some hashing

- Version bump to 0.1.2 :

- Initial support for pages and numbers

- Ditch libetonyek-0.1.1-constants.patch as we do not require us to build for older boost

Changes in libmwaw :

- Version bump to 0.3.6 :

- Added a minimal parser for ApplePict v1.v2, ie. no clipping, does not take in account the copy mode:
srcCopy, srcOr, ...

- Extended the --with-docs configure option to allow to build doc only for the API classes:
--with-docs=no|api|full .

- Added a parser for MacDraft v4-v5 documents.

- RagTime v5-v6 parser: try to retrieve the main layouts and the picture/shape/textbox, ie. now, it generates result but it is still very imcomplete...

- MWAW(Graphic,Presentation,Text)Listener: corrected a problem in openGroup which may create to incorrect document.

- Created an MWAWEmbeddedObject class to store a picture with various representations.

- MWAW*Listener: renamed insertPicture to insertShape, added a function to insert a texbox in a MWAWGraphicShape (which only insert a basic textbox).

- Fixed many crashes and hangs when importing broken files, found with the help of american-fuzzy-lop.

- And several other minor fixes and improvements.

- Version bump to 0.3.5

- Various small fixes on 0.3 series, nothing big woth mention

Changes in libodfgen :

- Version bump to 0.1.4 :

- drawing interface: do no forget to call startDocument/endDocument when writing in the manifest

- metadata: added handler for 'template' metadata, unknown metadata are written in a meta:user-defined elements,

- defineSheetNumberingStyle: can now define styles for the whole document (and not only for the actual sheet)

- update doxygen configuration file + add a make astyle command

- Allow writing meta:creation-date metadata element for drawings and presentations too.

- Improve handling of headings. Most importantly, write valid ODF.

- Write meta:generator metadata element.

- Add initial support for embedded fonts. It is currently limited to Flat ODF output.

- Upgrade to version 0.1.2

- Use text:h element for headings. Any paragraph with text:outline-level property is recognized as a heading.

- Handle layers.

- Improve handling of styles. Particularly, do not emit duplicate styles.

- Slightly improve documentation.

- Handle master pages.

- Do not expect that integer properties are always in inches.

- Fix misspelled style:paragraph-properties element in presentation notes.

- Only export public symbols on Linux.

- Fix bogus XML-escaping of metadata values.

- And many other improvements and fixes.

Changes in libpagemaker :

- Initial package based on upstream libpagemaker 0.0.2

Changes in libreoffice-share-linker :

- Initial commit, split out from main libreoffice package to workaround issues on SLE11 build Changes in mdds :

- Update to version 0.12.1 :

- Various small fixes on 0.12 series

- Just move define up and comment why we redefine docdir

- more types are possible in segment_tree data structures (previously only pointers were possible)

- added sorted_string_map

- multi_type_vector bugfixes Changes in libwps :

- Update to version 0.4.1 :

+ QuattroPro: correct a mistake when reading negative cell's position.

+ Fix some Windows build problems.

+ Fix more than 10 hangs when reading damaged files, found with the help of american-fuzzy-lop.

+ Performance: improve the sheet's output generation.

+ add support for unknown encoding files (ie. DOS file)

+ add potential support for converting Lotus, ...

+ accept to convert all Lotus Wk1 files and Symphony Wk1 files,

+ add support for Lotus Wk3 and Wk4 documents,

+ add support for Quattro Pro Wq1 and Wq2 documents,

+ only in debug mode, add pre-support for Lotus Wk5..., must allow to retrieve the main sheets content's with no formatting,

+ add potential support for asking the document's password ( but do nothing )

+ correct some compiler warnings when compiling in debug mode.

+ Fix parsing of floating-point numbers in specific cases.

+ Fix several minor issues reported by Coverity and Clang.

+ Check arguments of public functions. Passing NULL no longer causes a crash.

+ Use symbol visibility on Linux. The library only exports the public functions now.

+ Import @TERM and @CTERM functions (fdo#86241).

+ Handle LICS character encoding in spreadsheets (fdo#87222).

+ Fix a crash when reading a broken file, found with the help of american-fuzzy-lop.


Update the affected LibreOffice and related libraries packages.

See Also

Plugin Details

Severity: High

ID: 89016

File Name: openSUSE-2016-273.nasl

Version: 2.5

Type: local

Agent: unix

Published: 2/29/2016

Updated: 1/19/2021

Dependencies: ssh_get_info.nasl

Risk Information


Risk Factor: Medium

Score: 6.7


Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:cmis-client, p-cpe:/a:novell:opensuse:cmis-client-debuginfo, p-cpe:/a:novell:opensuse:cmis-client-debugsource, p-cpe:/a:novell:opensuse:libcmis-0_5-5, p-cpe:/a:novell:opensuse:libcmis-0_5-5-debuginfo, p-cpe:/a:novell:opensuse:libcmis-c-0_5-5, p-cpe:/a:novell:opensuse:libcmis-c-0_5-5-debuginfo, p-cpe:/a:novell:opensuse:libcmis-c-devel, p-cpe:/a:novell:opensuse:libcmis-devel, p-cpe:/a:novell:opensuse:libetonyek-0_1-1, p-cpe:/a:novell:opensuse:libetonyek-0_1-1-debuginfo, p-cpe:/a:novell:opensuse:libetonyek-debugsource, p-cpe:/a:novell:opensuse:libetonyek-devel, p-cpe:/a:novell:opensuse:libetonyek-tools, p-cpe:/a:novell:opensuse:libetonyek-tools-debuginfo, p-cpe:/a:novell:opensuse:libmwaw-0_3-3, p-cpe:/a:novell:opensuse:libmwaw-0_3-3-debuginfo, p-cpe:/a:novell:opensuse:libmwaw-debugsource, p-cpe:/a:novell:opensuse:libmwaw-devel, p-cpe:/a:novell:opensuse:libmwaw-tools, p-cpe:/a:novell:opensuse:libmwaw-tools-debuginfo, p-cpe:/a:novell:opensuse:libodfgen-0_1-1, p-cpe:/a:novell:opensuse:libodfgen-0_1-1-debuginfo, p-cpe:/a:novell:opensuse:libodfgen-debugsource, p-cpe:/a:novell:opensuse:libodfgen-devel, p-cpe:/a:novell:opensuse:libpagemaker-0_0-0, p-cpe:/a:novell:opensuse:libpagemaker-0_0-0-debuginfo, p-cpe:/a:novell:opensuse:libpagemaker-debugsource, p-cpe:/a:novell:opensuse:libpagemaker-devel, p-cpe:/a:novell:opensuse:libpagemaker-tools, p-cpe:/a:novell:opensuse:libpagemaker-tools-debuginfo, p-cpe:/a:novell:opensuse:libreoffice, p-cpe:/a:novell:opensuse:libreoffice-base, p-cpe:/a:novell:opensuse:libreoffice-base-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-branding-upstream, p-cpe:/a:novell:opensuse:libreoffice-calc, p-cpe:/a:novell:opensuse:libreoffice-calc-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-calc-extensions, p-cpe:/a:novell:opensuse:libreoffice-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-debugsource, p-cpe:/a:novell:opensuse:libreoffice-draw, p-cpe:/a:novell:opensuse:libreoffice-draw-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-filters-optional, p-cpe:/a:novell:opensuse:libreoffice-gnome, p-cpe:/a:novell:opensuse:libreoffice-gnome-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-gtk3, p-cpe:/a:novell:opensuse:libreoffice-gtk3-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-breeze, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-galaxy, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-hicontrast, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-oxygen, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-sifr, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-tango, p-cpe:/a:novell:opensuse:libreoffice-impress, p-cpe:/a:novell:opensuse:libreoffice-impress-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-kde4, p-cpe:/a:novell:opensuse:libreoffice-kde4-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-l10n-af, p-cpe:/a:novell:opensuse:libreoffice-l10n-ar, p-cpe:/a:novell:opensuse:libreoffice-l10n-as, p-cpe:/a:novell:opensuse:libreoffice-l10n-bg, p-cpe:/a:novell:opensuse:libreoffice-l10n-bn, p-cpe:/a:novell:opensuse:libreoffice-l10n-br, p-cpe:/a:novell:opensuse:libreoffice-l10n-ca, p-cpe:/a:novell:opensuse:libreoffice-l10n-cs, p-cpe:/a:novell:opensuse:libreoffice-l10n-cy, p-cpe:/a:novell:opensuse:libreoffice-l10n-da, p-cpe:/a:novell:opensuse:libreoffice-l10n-de, p-cpe:/a:novell:opensuse:libreoffice-l10n-dz, p-cpe:/a:novell:opensuse:libreoffice-l10n-el, p-cpe:/a:novell:opensuse:libreoffice-l10n-en, p-cpe:/a:novell:opensuse:libreoffice-l10n-es, p-cpe:/a:novell:opensuse:libreoffice-l10n-et, p-cpe:/a:novell:opensuse:libreoffice-l10n-eu, p-cpe:/a:novell:opensuse:libreoffice-l10n-fa, p-cpe:/a:novell:opensuse:libreoffice-l10n-fi, p-cpe:/a:novell:opensuse:libreoffice-l10n-fr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ga, p-cpe:/a:novell:opensuse:libreoffice-l10n-gl, p-cpe:/a:novell:opensuse:libreoffice-l10n-gu, p-cpe:/a:novell:opensuse:libreoffice-l10n-he, p-cpe:/a:novell:opensuse:libreoffice-l10n-hi, p-cpe:/a:novell:opensuse:libreoffice-l10n-hr, p-cpe:/a:novell:opensuse:libreoffice-l10n-hu, p-cpe:/a:novell:opensuse:libreoffice-l10n-it, p-cpe:/a:novell:opensuse:libreoffice-l10n-ja, p-cpe:/a:novell:opensuse:libreoffice-l10n-kk, p-cpe:/a:novell:opensuse:libreoffice-l10n-kn, p-cpe:/a:novell:opensuse:libreoffice-l10n-ko, p-cpe:/a:novell:opensuse:libreoffice-l10n-lt, p-cpe:/a:novell:opensuse:libreoffice-l10n-lv, p-cpe:/a:novell:opensuse:libreoffice-l10n-mai, p-cpe:/a:novell:opensuse:libreoffice-l10n-ml, p-cpe:/a:novell:opensuse:libreoffice-l10n-mr, p-cpe:/a:novell:opensuse:libreoffice-l10n-nb, p-cpe:/a:novell:opensuse:libreoffice-l10n-nl, p-cpe:/a:novell:opensuse:libreoffice-l10n-nn, p-cpe:/a:novell:opensuse:libreoffice-l10n-nr, p-cpe:/a:novell:opensuse:libreoffice-l10n-nso, p-cpe:/a:novell:opensuse:libreoffice-l10n-or, p-cpe:/a:novell:opensuse:libreoffice-l10n-pa, p-cpe:/a:novell:opensuse:libreoffice-l10n-pl, p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-BR, p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-PT, p-cpe:/a:novell:opensuse:libreoffice-l10n-ro, p-cpe:/a:novell:opensuse:libreoffice-l10n-ru, p-cpe:/a:novell:opensuse:libreoffice-l10n-si, p-cpe:/a:novell:opensuse:libreoffice-l10n-sk, p-cpe:/a:novell:opensuse:libreoffice-l10n-sl, p-cpe:/a:novell:opensuse:libreoffice-l10n-sr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ss, p-cpe:/a:novell:opensuse:libreoffice-l10n-st, p-cpe:/a:novell:opensuse:libreoffice-l10n-sv, p-cpe:/a:novell:opensuse:libreoffice-l10n-ta, p-cpe:/a:novell:opensuse:libreoffice-l10n-te, p-cpe:/a:novell:opensuse:libreoffice-l10n-th, p-cpe:/a:novell:opensuse:libreoffice-l10n-tn, p-cpe:/a:novell:opensuse:libreoffice-l10n-tr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ts, p-cpe:/a:novell:opensuse:libreoffice-l10n-uk, p-cpe:/a:novell:opensuse:libreoffice-l10n-ve, p-cpe:/a:novell:opensuse:libreoffice-l10n-xh, p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-Hans, p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-Hant, p-cpe:/a:novell:opensuse:libreoffice-l10n-zu, p-cpe:/a:novell:opensuse:libreoffice-mailmerge, p-cpe:/a:novell:opensuse:libreoffice-math, p-cpe:/a:novell:opensuse:libreoffice-math-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-officebean, p-cpe:/a:novell:opensuse:libreoffice-officebean-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-pyuno, p-cpe:/a:novell:opensuse:libreoffice-pyuno-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-sdk, p-cpe:/a:novell:opensuse:libreoffice-sdk-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-share-linker, p-cpe:/a:novell:opensuse:libreoffice-writer, p-cpe:/a:novell:opensuse:libreoffice-writer-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-writer-extensions, p-cpe:/a:novell:opensuse:libwps-0_4-4, p-cpe:/a:novell:opensuse:libwps-0_4-4-debuginfo, p-cpe:/a:novell:opensuse:libwps-debugsource, p-cpe:/a:novell:opensuse:libwps-devel, p-cpe:/a:novell:opensuse:libwps-tools, p-cpe:/a:novell:opensuse:libwps-tools-debuginfo, p-cpe:/a:novell:opensuse:mdds-devel, cpe:/o:novell:opensuse:13.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/25/2016

Vulnerability Publication Date: 11/7/2014

Reference Information

CVE: CVE-2014-3693, CVE-2014-8146, CVE-2014-8147, CVE-2014-9093, CVE-2015-4551, CVE-2015-45513, CVE-2015-5212, CVE-2015-5213, CVE-2015-5214