MGASA-2026-0259

Source
https://advisories.mageia.org/MGASA-2026-0259.html
Import Source
https://advisories.mageia.org/MGASA-2026-0259.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2026-0259
Upstream
  • CVE-2026-6039
  • CVE-2026-6040
  • CVE-2026-6045
  • CVE-2026-8356
  • CVE-2026-8357
  • CVE-2026-8358
Published
2026-07-18T05:48:16Z
Modified
2026-07-18T06:00:05.202862912Z
Summary
Updated libreoffice packages fix security vulnerabilities
Details

The updated packages fix security vulnerabilities: Heap buffer overflow in DXF polyline import. (CVE-2026-6039) Heap use-after-free in ODF number-format blank-width parsing. (CVE-2026-6040) Heap buffer overflow in EMF+ gradient brush import. (CVE-2026-6045) Stack buffer overflow in PPT presentation import. (CVE-2026-8356) Heap buffer overflow in Calc formula compilation. (CVE-2026-8357) Heap buffer overflow in spreadsheet tracked-changes import. (CVE-2026-8358)

References
Credits

Affected packages

Mageia:10 / libreoffice

Package

Name
libreoffice
Purl
pkg:rpm/mageia/libreoffice?arch=source&distro=mageia-10

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
26.2.4.2-1.mga10

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2026-0259.json"

Mageia:9 / libreoffice

Package

Name
libreoffice
Purl
pkg:rpm/mageia/libreoffice?arch=source&distro=mageia-9

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.2.7.2-1.5.mga9

Ecosystem specific

{
    "section": "core"
}

Database specific

source
"https://advisories.mageia.org/MGASA-2026-0259.json"