SuSE 10 Security Update : LibreOffice (ZYPP Patch Number 8286)

medium Nessus Plugin ID 62781

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

LibreOffice was updated to SUSE 3.5 bugfix release 13 (based on upstream 3.5.6-rc2) which fixes a lot of bugs.

The following bugs have been fixed :

- polygon fill rule. (bnc#759172)

- open XML in Writer. (bnc#777181)

- undo in text objects (fdo#36138)

- broken numbering level. (bnc#760019)

- better MathML detection. (bnc#774921)

- pictures in DOCX import. (bnc#772094)

- collapsing border painting (fdo#39415)

- better DOCX text box export (fdo#45724)

- hidden text in PPTX import. (bnc#759180)

- slide notes in PPTX import. (bnc#768027)

- RTL paragraphs in DOC import (fdo#43398)

- better vertical text imports. (bnc#744510)

- HYPERLINK field in DOCX import (fdo#51034)

- shadow color on partial redraw. (bnc#773515)

- floating objects in DOCX import. (bnc#775899)

- graphite2 hyphenation regression (fdo#49486)

- missing shape position and size. (bnc#760997)

- page style attributes in ODF import (fdo#38056)

- browsing in Template dialog crasher (fdo#46249)

- wrong master slide shape being used. (bnc#758565)

- page borders regression in ODT import (fdo#38056)

- invalidate bound rect after drag&drop (fdo#44534)

- rotated shape margins in PPTX import. (bnc#773048)

- pasting into more than 1 sheet crasher (fdo#47311)

- crashers in PPT/PPTX import (bnc#768027, bnc#774167

- missing footnote in DOCX/DOC/RTF export (fdo#46020)

- checkbox no-label behaviour (fdo#51336, bnc#757602)

- try somewhat harder to read w:position. (bnc#773061)

- FormatNumber can handle sal_uInt32 values (fdo#51793)

- rectangle-paragraph tables in DOCX import. (bnc#775899)

- header and bullet in slideshow transition. (bnc#759172)

- default background color in DOC/DOCX export (fdo#45724)

- font name / size attributes in DOCX import. (bnc#774681)

- zero rect. size causing wrong line positions (fdo#47434)

- adjusted display of Bracket/BracePair in PPT.
(bnc#741480)

- use Unicode functions for QuickStarter tooltip (fdo#52143)

- TabRatio API and detect macro at group shape fixes.
(bnc#770708)

- indented text in DOCX file does not wrap correctly.
(bnc#775906)

- undocked toolbars do not show all icons in special ratio (fdo#47071)

- cross-reference text when Caption order is Numbering first (fdo#50801)

- bullet color same as following text by default.
(bnc#719988, bnc#734733)

- misc RTF import fixes (rhbz#819304, fdo#49666, bnc#774681, fdo#51772, fdo#48033, fdo#52066, fdo#48335, fdo#48446, fdo#49892, fdo#46966)

- libvisio was updated to 0.0.19: o file displays as blank page in Draw (fdo#50990)

- Use the vendor SUSE instead of Novell, Inc.

- Some NULL pointer dereferences were fixed.
(CVE-2012-4233) Security Issue refernce :

- CVE-2012-4233

Solution

Apply ZYPP patch number 8286.

See Also

http://support.novell.com/security/cve/CVE-2012-4233.html

Plugin Details

Severity: Medium

ID: 62781

File Name: suse_libreoffice-8286.nasl

Version: 1.4

Type: local

Agent: unix

Published: 11/1/2012

Updated: 1/19/2021

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 9/10/2012

Reference Information

CVE: CVE-2012-4233