RLSA-2023:0089

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2023:0089.json

Related

• CVE-2022-26305
• CVE-2022-26306
• CVE-2022-26307
• CVE-2022-3140

Published

2023-01-12T08:25:20Z

Modified

2023-02-02T13:54:08.820857Z

Details

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.

Security Fix(es):

• libreoffice: Macro URL arbitrary script execution (CVE-2022-3140)

• libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation (CVE-2022-26305)

• libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password (CVE-2022-26306)

• libreoffice: Weak Master Keys (CVE-2022-26307)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

• https://errata.rockylinux.org/RLSA-2023:0089
• https://bugzilla.redhat.com/show_bug.cgi?id=2118610
• https://bugzilla.redhat.com/show_bug.cgi?id=2118611
• https://bugzilla.redhat.com/show_bug.cgi?id=2118613
• https://bugzilla.redhat.com/show_bug.cgi?id=2134697