Kod programskog paketa libreoffice otkrivena su i ispravljena tri nedostatka koja je udaljeni napadač mogao iskoristiti za izvođenje DoS napada i pokretanje proizvoljnog programskog koda.
Propusti su posljedica pogrešaka pri učitavanju JPEG, PNG i BMP slikovnih datoteka, te nepravilnosti pri obradi Microsoft Word Binary File Format (.DOC) datoteka.
Posljedica:
Propuste je moguće iskoristiti za izvođenje napada uskraćivanjem usluge i izvršavanje proizvoljnog programskog koda.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-8114
2012-05-19 06:18:37
--------------------------------------------------------------------------------
Name : libreoffice
Product : Fedora 15
Version : 3.3.4.1
Release : 5.fc15
URL : http://www.documentfoundation.org/develop
Summary : Free Software Productivity Suite
Description :
LibreOffice is an Open Source, community-developed, office productivity suite.
It includes the key desktop applications, such as a word processor,
spreadsheet, presentation manager, formula editor and drawing program, with a
user interface and feature set similar to other office suites. Sophisticated
and flexible, LibreOffice also works transparently with a variety of file
formats, including Microsoft Office File Formats.
--------------------------------------------------------------------------------
Update Information:
CVE-2012-1149 An integer overflow vulnerability in LibreOffice graphic loading
code
CVE-2012-2334 Denial of Service with malformed .ppt files
--------------------------------------------------------------------------------
ChangeLog:
* Thu May 17 2012 CaolÄ
Posljednje sigurnosne preporuke