SuSE 11.1 Security Update : LibreOffice (SAT Patch Number 6003)

high Nessus Plugin ID 58721

Language:

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

The update fixes the following security issues :

- 740453: Vulnerability in RDF handling. (CVE-2012-0037)

- 752595: overflow in jpeg handling (CVE-2012-1149) This update also fixes the following non-security issues :

Extras :

- add SUSE color palette (fate#312645) Filters :

- crash when loading embedded elements. (bnc#693238)

- crash when importing an empty paragraph (rh#667082)

- more on bentConnectors. (bnc#736495)

- wrong text color in smartArt. (bnc#746996)

- reading of w:textbox contents. (bnc#693388)

- textbox position and size DOCX import (fdo#45560)

- RTF/DOCX import of transparent frames. (bnc#695479)

- consecutive frames in RTF/DOCX import. (bnc#703032)

- handling of frame properties in RTF import. (bnc#417818)

- force imported XLSX active tab to be shown. (bnc#748198)

- create TableManager for inside shapes. (bnc#747471, bnc#693238)

- textboxes import with OLE objects inside. (bnc#747471, bnc#693238)

- table style. (bnc#705991)

- text rotation fixes. (bnc#734734)

- crash in PPTX import. (bnc#706792)

- read w:sdt* contents. (bnc#705949)

- connector shape fixes. (bnc#719989)

- legacy fragment import. (bnc#699334)

- non-working Excel macros. (bnc#705977)

- free drawn curves import. (bnc#657909)

- group shape transformations. (bnc#621739)

- extLst of drawings in diagrams import. (bnc#655408)

- flip properties of custom shapes import. (bnc#705985)

- line spacing is used from previous values. (bnc#734734)

- missing ooxml customshape->mso shape name entries.
(bnc#737921)

- word doesn't break the numberings and prefers hiding them (bnc#707157) Base :

- iterator misuse (fdo #44040, bnc#742178) Writer :

- do not use an invalidated iterator (fdo#46337)

- field refreshing (fdo#39694)

- more layout crashers (i#101776, fdo#39510)

- textbox borders style and width in DOCX import (fdo#45560)

- expand all text fields when setting properties (fdo#42073)

- version 3.4.5.3, tag suse-3.4.5.3 (SUSE LO 3.4.5-rc1)

- SmartArt import

- custom shapes import

- Oracle Java 1.7.0 detection

- reading AES-encrypted ODF 1.2 documents as generated by LO 3.5

- frame selection. (bnc#740117)

- crash when editing index. (bnc#726174)

- order database properties. (bnc#740032)

- numbering levels in DOC import. (bnc#715115)

- image size issue in DOC import. (bnc#718971)

- pointless forward moving of a table. (bnc#706138)

- tabs set after the end margin in DOCX import.
(bnc#693238)

- add hyperlinks by default in Table of Contents (bnc#705956) Calc :

- pie charts colors messed in XLS import (fdo#40320)

- correctly import data point formats in data series (fdo#40320) Components :

- crash when parsing XML signatures (fdo#39657)

- broken getDataArray (fdo#46165, fdo#38441, i#117010)

- don't paint a frame around the list of edit boxes (fdo#42543)

- inconsistent compression method for encrypted documents.
(bnc#653688)

- allow pasting to multiple ranges. (bnc#715094)

- correctly convert chart data ranges. (bnc#727504)

- definedName corruption for XLSX export. (bnc#741182)

- adjust/shrink the ranges while copying. (bnc#677811)

- extra graph data is displayed for label. (bnc#717290)

- getCellRangeByName failure for named range. (bnc#738113)

- graph in XLS file has dates displayed wrong.
(bnc#720443)

- improve performance of large Excel documents.
(bnc#715104)

- display page background color/image properly.
(bnc#722045)

- pivot table output becoming empty on re-save.
(bnc#715543)

- encode virtual paths to local volume correctly.
(bnc#719887)

- avoid adjusting cell-anchored objects on other sheets.
(bnc#726152)

- make sure to adjust the sheet index of drawing objects.
(bnc#733864)

- make the data validation popup more reliable (fdo #36851, bnc#737190) Impress :

- do not create an empty slide when printing handouts (fdo#31966)

- undo corruption. (bnc#685123)

- do not set duplicate master slide names (bnc#735533) Libraries :

- default shortcut for .uno:SearchDialog should be Ctrl+H

- crash using instances dialog of dataform navigator (fdo#44816)

- disable problematic reading of external entities in raptor

- correctly calculate leap year

- use proper Indian Rupee currency symbol U+20B9 (rh#794679)

- handle copy and paste from ConsoleOne. (bnc#704274)

- VBA control events not working, broken eventattacher.
(bnc#718227)

- 'General Error' when double-click graphic in presentation. (bnc#720948)

- upgrade graphite to 1.0.3 fix surrogate support

- crash at exit. (bnc#728603)

- radial gradient offset. (bnc#714787)

- horizontal scrollbars with KDE oxygen style.
(bnc#722918)

- rendering of metafiles embedded in EMF+ (updated) (bnc#705956) Postprocess :

- make the 3D transitions work again (bnc#728559) URE :

- make Duden Korrektor 5 and 6 work General :

- add compat symlinks for the old main desktop icon.
(bnc#724087)

- Fix tooltips are all black in KDE4 (bnc#723074, fdo#40461)

- do-not-display-math-in-desktop-menu.diff: do not display math in desktop menu (fdo#41681)

- desktop-submenu.diff: display LO application in the right desktop submenu. (bnc#718694)

- bash-completion-for-loffice.diff: define bash completion for 'loffice' wrapper. (bnc#719656)

- svx-globlmn-hrc-build-dep.diff: fix build dependency problem in svx

- Update gdocs extension to version 3.0.0; needed to make it working with the current Google Docs interface

Solution

Apply SAT patch number 6003.

Plugin Details

Severity: High

ID: 58721

File Name: suse_11_libreoffice-345-120316.nasl

Version: 1.5

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 4/12/2012

Updated: 1/19/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:libreoffice, p-cpe:/a:novell:suse_linux:11:libreoffice-base, p-cpe:/a:novell:suse_linux:11:libreoffice-base-drivers-postgresql, p-cpe:/a:novell:suse_linux:11:libreoffice-base-extensions, p-cpe:/a:novell:suse_linux:11:libreoffice-calc, p-cpe:/a:novell:suse_linux:11:libreoffice-calc-extensions, p-cpe:/a:novell:suse_linux:11:libreoffice-draw, p-cpe:/a:novell:suse_linux:11:libreoffice-help-hu, p-cpe:/a:novell:suse_linux:11:libreoffice-help-it, p-cpe:/a:novell:suse_linux:11:libreoffice-help-ja, p-cpe:/a:novell:suse_linux:11:libreoffice-help-ko, p-cpe:/a:novell:suse_linux:11:libreoffice-help-nl, p-cpe:/a:novell:suse_linux:11:libreoffice-help-pl, p-cpe:/a:novell:suse_linux:11:libreoffice-help-pt, p-cpe:/a:novell:suse_linux:11:libreoffice-help-pt-br, p-cpe:/a:novell:suse_linux:11:libreoffice-help-ru, p-cpe:/a:novell:suse_linux:11:libreoffice-draw-extensions, p-cpe:/a:novell:suse_linux:11:libreoffice-filters-optional, p-cpe:/a:novell:suse_linux:11:libreoffice-gnome, p-cpe:/a:novell:suse_linux:11:libreoffice-help-cs, p-cpe:/a:novell:suse_linux:11:libreoffice-help-da, p-cpe:/a:novell:suse_linux:11:libreoffice-help-de, p-cpe:/a:novell:suse_linux:11:libreoffice-help-en-gb, p-cpe:/a:novell:suse_linux:11:libreoffice-help-en-us, p-cpe:/a:novell:suse_linux:11:libreoffice-help-es, p-cpe:/a:novell:suse_linux:11:libreoffice-help-fr, p-cpe:/a:novell:suse_linux:11:libreoffice-help-gu-in, p-cpe:/a:novell:suse_linux:11:libreoffice-help-hi-in, p-cpe:/a:novell:suse_linux:11:libreoffice-impress, p-cpe:/a:novell:suse_linux:11:libreoffice-impress-extensions, p-cpe:/a:novell:suse_linux:11:libreoffice-help-sv, p-cpe:/a:novell:suse_linux:11:libreoffice-help-zh-cn, p-cpe:/a:novell:suse_linux:11:libreoffice-help-zh-tw, p-cpe:/a:novell:suse_linux:11:libreoffice-icon-themes, p-cpe:/a:novell:suse_linux:11:libreoffice-kde, p-cpe:/a:novell:suse_linux:11:libreoffice-kde4, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-af, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-ar, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-ca, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-cs, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-da, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-de, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-en-gb, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-es, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-fi, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-fr, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-gu-in, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-hi-in, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-hu, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-it, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-ja, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-ko, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-nb, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-nl, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-nn, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-pl, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-pt, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-pt-br, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-ru, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-sk, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-sv, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-xh, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-zh-cn, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-zh-tw, p-cpe:/a:novell:suse_linux:11:libreoffice-l10n-zu, p-cpe:/a:novell:suse_linux:11:libreoffice-mailmerge, p-cpe:/a:novell:suse_linux:11:libreoffice-math, p-cpe:/a:novell:suse_linux:11:libreoffice-mono, p-cpe:/a:novell:suse_linux:11:libreoffice-officebean, p-cpe:/a:novell:suse_linux:11:libreoffice-pyuno, p-cpe:/a:novell:suse_linux:11:libreoffice-writer, p-cpe:/a:novell:suse_linux:11:libreoffice-writer-extensions, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 3/16/2012

Reference Information

CVE: CVE-2012-0037, CVE-2012-1149

Detections

Analytics