SuSE 10 Security Update : libreoffice (ZYPP Patch Number 7791)

high Nessus Plugin ID 57219

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

LibreOffice 3.4 includes many interesting features and fixes, see http://www.libreoffice.org/download/3-4-new-features-and-fixes/

The update fixes the following security issues :

- 704311: libreoffice Lotus Word Pro filter multiple vulnerabilities. (CVE-2011-2685)

This update also fixes the following non-security issues :

- 676858: Document with full page graphic in header will not allow click-drag or right-click.

- 681738: DDE link is lost when .xls file is opened/saved in Calc.

- 683578: Large xlsx file takes extremely long to open with Libreoffice calc

- 684784: Microsoft Office spreadsheet does not display anything

- 693238: Column format in docx file is not displayed correctly.

- 693477: Format of Word .doc file from HP is bad.

- 694344: 3rd level bulleted items are not displayed properly.

- 695479: L3: RTF file is not displayed correctly by Writer.

- 696630: DDE link from Calc to Excel needs Excel open to update link in Calc.

- 702506: Writer crashes when opening docx files.

- 704639: HTML document appearance changes when opened in open office vs LibreOffice

- 704642: 16 digit numbers change in LibreOffice when opening a file created in MS Excel

- 705949: Information missing from MS Word document when opened in LibreOffice (w:sdt)

- 706792: PTF 3.3.1-21 introduced a crash when opening a pptx presentation.

- 707486: Macro from excel fails on Selection.Copy when run in Calc.

- 707779: Disappearing text

- 708137: xls spreadsheet is extremely slow to open and check boxes are broken.

- 708518: Bullet symbol is not rendered correctly in a specific slide.

- 710061: ODP export to PDF produces broken images

- 710920: RPM installation ending with redundant error.

- 711977: File association for fod* files are missing.

- 712358: Some extensions broken after upgrading.

- 715268: Command libreoffice --help does not work when LibreOffice is already started

- 715416: Impress crashes starting Slide show in the context of dual monitors extension mode.

- 715931: failed to save an odp file.

Solution

Apply ZYPP patch number 7791.

See Also

http://support.novell.com/security/cve/CVE-2011-2685.html

http://support.novell.com/security/cve/CVE-2011-2713.html

Plugin Details

Severity: High

ID: 57219

File Name: suse_libreoffice-34-7791.nasl

Version: 1.6

Type: local

Agent: unix

Published: 12/13/2011

Updated: 1/19/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 10/6/2011

Vulnerability Publication Date: 7/21/2011

Reference Information

CVE: CVE-2011-2685, CVE-2011-2713