RLSA-2024:1514

See a problem?
Please try reporting it to the source first.

Source

https://errata.rockylinux.org/RLSA-2024:1514

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2024:1514.json

JSON Data

https://api.osv.dev/v1/vulns/RLSA-2024:1514

Related

Published

2024-03-27T04:34:32.999941Z

Modified

2024-03-27T04:36:49.035071Z

Summary

Important: libreoffice security fix update

Details

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.

Security Fix(es):

libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185)
libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186)

References

Credits

- Rocky Enterprise Software Foundation
- Red Hat

Affected packages

Rocky Linux:8 / libreoffice

Package

Name: libreoffice
Purl: pkg:rpm/rocky-linux/libreoffice?distro=rocky-linux-8&epoch=1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:6.4.7.2-16.el8_9