openSUSE Security Update : LibreOffice (openSUSE-SU-2012:1523-1)

medium Nessus Plugin ID 74815

Synopsis

The remote openSUSE host is missing a security update.

Description

LibreOffice was updated to 3.5.4.13 to fix various bugs and security issues :

- NULL pointer dereference (bnc#778669, CVE-2012-4233)

- bullet-color-pptx-import.diff: bullets should have same color as following text by default; missing part of the fix (bnc#734733)

- update to suse-3.5.4.13 (SUSE 3.5 bugfix release 13, based on upstream 3.5.6-rc2)

- polygon fill rule (bnc#759172)

- open XML in Writer (bnc#777181)

- undo in text objects (fdo#36138)

- broken numbering level (bnc#760019)

- better MathML detection (bnc#774921)

- pictures in DOCX import (bnc#772094)

- collapsing border painting (fdo#39415)

- better DOCX text box export (fdo#45724)

- hidden text in PPTX import (bnc#759180)

- slide notes in PPTX import (bnc#768027)

- RTL paragraphs in DOC import (fdo#43398)

- better vertical text imports (bnc#744510)

- HYPERLINK field in DOCX import (fdo#51034)

- shadow color on partial redraw (bnc#773515)

- floating objects in DOCX import (bnc#775899)

- graphite2 hyphenation regression (fdo#49486)

- missing shape position and size (bnc#760997)

- page style attributes in ODF import (fdo#38056)

- browsing in Template dialog crasher (fdo#46249)

- wrong master slide shape being used (bnc#758565)

- page borders regression in ODT import (fdo#38056)

- invalidate bound rect after drag&drop (fdo#44534)

- rotated shape margins in PPTX import (bnc#773048)

- pasting into more than 1 sheet crasher (fdo#47311)

- crashers in PPT/PPTX import (bnc#768027, bnc#774167

- missing footnote in DOCX/DOC/RTF export (fdo#46020)

- checkbox no-label behaviour (fdo#51336, bnc#757602)

- try somewhat harder to read w:position (bnc#773061)

- FormatNumber can handle sal_uInt32 values (fdo#51793)

- rectangle-paragraph tables in DOCX import (bnc#775899)

- header and bullet in slideshow transition (bnc#759172)

- default background color in DOC/DOCX export (fdo#45724)

- font name / size attributes in DOCX import (bnc#774681)

- zero rect. size causing wrong line positions (fdo#47434)

- adjusted display of Bracket/BracePair in PPT (bnc#741480)

- use Unicode functions for QuickStarter tooltip (fdo#52143)

- TabRatio API and detect macro at group shape fixes (bnc#770708)

- indented text in DOCX file does not wrap correctly (bnc#775906)

- undocked toolbars do not show all icons in special ratio (fdo#47071)

- cross-reference text when Caption order is Numbering first (fdo#50801)

- bullet color same as following text by default (bnc#719988, bnc#734733)

- misc RTF import fixes (rhbz#819304, fdo#49666, bnc#774681, fdo#51772, fdo#48033, fdo#52066, fdo#48335, fdo#48446, fdo#49892, fdo#46966)

- update to libvisio 0.0.19 :

- file displays as blank page in Draw (fdo#50990)

- use the vendor SUSE instead of Novell, Inc.

- install-with-vendor-SUSE.diff: fix installation with the vendor 'SUSE'

Solution

Update the affected LibreOffice packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=759180

https://bugzilla.novell.com/show_bug.cgi?id=760019

https://bugzilla.novell.com/show_bug.cgi?id=760997

https://bugzilla.novell.com/show_bug.cgi?id=768027

https://bugzilla.novell.com/show_bug.cgi?id=770708

https://bugzilla.novell.com/show_bug.cgi?id=772094

https://bugzilla.novell.com/show_bug.cgi?id=773048

https://bugzilla.novell.com/show_bug.cgi?id=773061

https://bugzilla.novell.com/show_bug.cgi?id=778669

https://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html

https://bugzilla.novell.com/show_bug.cgi?id=719988

https://bugzilla.novell.com/show_bug.cgi?id=734733

https://bugzilla.novell.com/show_bug.cgi?id=741480

https://bugzilla.novell.com/show_bug.cgi?id=744510

https://bugzilla.novell.com/show_bug.cgi?id=757602

https://bugzilla.novell.com/show_bug.cgi?id=758565

https://bugzilla.novell.com/show_bug.cgi?id=759172

https://bugzilla.novell.com/show_bug.cgi?id=773515

https://bugzilla.novell.com/show_bug.cgi?id=774167

https://bugzilla.novell.com/show_bug.cgi?id=774681

https://bugzilla.novell.com/show_bug.cgi?id=774921

https://bugzilla.novell.com/show_bug.cgi?id=775899

https://bugzilla.novell.com/show_bug.cgi?id=775906

https://bugzilla.novell.com/show_bug.cgi?id=777181

Plugin Details

Severity: Medium

ID: 74815

File Name: openSUSE-2012-796.nasl

Version: 1.4

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libreoffice, p-cpe:/a:novell:opensuse:libreoffice-base, p-cpe:/a:novell:opensuse:libreoffice-base-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-mysql-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql, p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-base-extensions, p-cpe:/a:novell:opensuse:libreoffice-branding-upstream, p-cpe:/a:novell:opensuse:libreoffice-calc, p-cpe:/a:novell:opensuse:libreoffice-calc-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-calc-extensions, p-cpe:/a:novell:opensuse:libreoffice-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-debugsource, p-cpe:/a:novell:opensuse:libreoffice-draw, p-cpe:/a:novell:opensuse:libreoffice-draw-extensions, p-cpe:/a:novell:opensuse:libreoffice-draw-extensions-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-filters-optional, p-cpe:/a:novell:opensuse:libreoffice-filters-optional-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-gnome, p-cpe:/a:novell:opensuse:libreoffice-gnome-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-help-cs, p-cpe:/a:novell:opensuse:libreoffice-help-da, p-cpe:/a:novell:opensuse:libreoffice-help-de, p-cpe:/a:novell:opensuse:libreoffice-help-en-gb, p-cpe:/a:novell:opensuse:libreoffice-help-en-us, p-cpe:/a:novell:opensuse:libreoffice-help-en-za, p-cpe:/a:novell:opensuse:libreoffice-help-es, p-cpe:/a:novell:opensuse:libreoffice-help-et, p-cpe:/a:novell:opensuse:libreoffice-help-fr, p-cpe:/a:novell:opensuse:libreoffice-help-gl, p-cpe:/a:novell:opensuse:libreoffice-help-gu-in, p-cpe:/a:novell:opensuse:libreoffice-help-hi-in, p-cpe:/a:novell:opensuse:libreoffice-help-hu, p-cpe:/a:novell:opensuse:libreoffice-help-it, p-cpe:/a:novell:opensuse:libreoffice-help-ja, p-cpe:/a:novell:opensuse:libreoffice-help-km, p-cpe:/a:novell:opensuse:libreoffice-help-ko, p-cpe:/a:novell:opensuse:libreoffice-help-nl, p-cpe:/a:novell:opensuse:libreoffice-help-pl, p-cpe:/a:novell:opensuse:libreoffice-help-pt, p-cpe:/a:novell:opensuse:libreoffice-help-pt-br, p-cpe:/a:novell:opensuse:libreoffice-help-ru, p-cpe:/a:novell:opensuse:libreoffice-help-sl, p-cpe:/a:novell:opensuse:libreoffice-help-sv, p-cpe:/a:novell:opensuse:libreoffice-help-zh-cn, p-cpe:/a:novell:opensuse:libreoffice-help-zh-tw, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-crystal, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-galaxy, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-hicontrast, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-oxygen, p-cpe:/a:novell:opensuse:libreoffice-icon-theme-tango, p-cpe:/a:novell:opensuse:libreoffice-icon-themes-prebuilt, p-cpe:/a:novell:opensuse:libreoffice-impress, p-cpe:/a:novell:opensuse:libreoffice-impress-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-impress-extensions, p-cpe:/a:novell:opensuse:libreoffice-impress-extensions-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-kde, p-cpe:/a:novell:opensuse:libreoffice-kde-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-kde4, p-cpe:/a:novell:opensuse:libreoffice-kde4-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-l10n-af, p-cpe:/a:novell:opensuse:libreoffice-l10n-ar, p-cpe:/a:novell:opensuse:libreoffice-l10n-be-by, p-cpe:/a:novell:opensuse:libreoffice-l10n-bg, p-cpe:/a:novell:opensuse:libreoffice-l10n-br, p-cpe:/a:novell:opensuse:libreoffice-l10n-ca, p-cpe:/a:novell:opensuse:libreoffice-l10n-cs, p-cpe:/a:novell:opensuse:libreoffice-l10n-cy, p-cpe:/a:novell:opensuse:libreoffice-l10n-da, p-cpe:/a:novell:opensuse:libreoffice-l10n-de, p-cpe:/a:novell:opensuse:libreoffice-l10n-el, p-cpe:/a:novell:opensuse:libreoffice-l10n-en-gb, p-cpe:/a:novell:opensuse:libreoffice-l10n-en-za, p-cpe:/a:novell:opensuse:libreoffice-l10n-es, p-cpe:/a:novell:opensuse:libreoffice-l10n-et, p-cpe:/a:novell:opensuse:libreoffice-l10n-fi, p-cpe:/a:novell:opensuse:libreoffice-l10n-fr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ga, p-cpe:/a:novell:opensuse:libreoffice-l10n-gl, p-cpe:/a:novell:opensuse:libreoffice-l10n-gu-in, p-cpe:/a:novell:opensuse:libreoffice-l10n-he, p-cpe:/a:novell:opensuse:libreoffice-l10n-hi-in, p-cpe:/a:novell:opensuse:libreoffice-l10n-hr, p-cpe:/a:novell:opensuse:libreoffice-l10n-hu, p-cpe:/a:novell:opensuse:libreoffice-writer-extensions, cpe:/o:novell:opensuse:12.1, p-cpe:/a:novell:opensuse:libreoffice-l10n-it, p-cpe:/a:novell:opensuse:libreoffice-l10n-ja, p-cpe:/a:novell:opensuse:libreoffice-l10n-ka, p-cpe:/a:novell:opensuse:libreoffice-l10n-km, p-cpe:/a:novell:opensuse:libreoffice-l10n-ko, p-cpe:/a:novell:opensuse:libreoffice-l10n-lt, p-cpe:/a:novell:opensuse:libreoffice-l10n-mk, p-cpe:/a:novell:opensuse:libreoffice-l10n-nb, p-cpe:/a:novell:opensuse:libreoffice-l10n-nl, p-cpe:/a:novell:opensuse:libreoffice-l10n-nn, p-cpe:/a:novell:opensuse:libreoffice-l10n-nr, p-cpe:/a:novell:opensuse:libreoffice-l10n-pa-in, p-cpe:/a:novell:opensuse:libreoffice-l10n-pl, p-cpe:/a:novell:opensuse:libreoffice-l10n-prebuilt, p-cpe:/a:novell:opensuse:libreoffice-l10n-pt, p-cpe:/a:novell:opensuse:libreoffice-l10n-pt-br, p-cpe:/a:novell:opensuse:libreoffice-l10n-ru, p-cpe:/a:novell:opensuse:libreoffice-l10n-rw, p-cpe:/a:novell:opensuse:libreoffice-l10n-sh, p-cpe:/a:novell:opensuse:libreoffice-l10n-sk, p-cpe:/a:novell:opensuse:libreoffice-l10n-sl, p-cpe:/a:novell:opensuse:libreoffice-l10n-sr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ss, p-cpe:/a:novell:opensuse:libreoffice-l10n-st, p-cpe:/a:novell:opensuse:libreoffice-l10n-sv, p-cpe:/a:novell:opensuse:libreoffice-l10n-tg, p-cpe:/a:novell:opensuse:libreoffice-l10n-th, p-cpe:/a:novell:opensuse:libreoffice-l10n-tr, p-cpe:/a:novell:opensuse:libreoffice-l10n-ts, p-cpe:/a:novell:opensuse:libreoffice-l10n-uk, p-cpe:/a:novell:opensuse:libreoffice-l10n-ve, p-cpe:/a:novell:opensuse:libreoffice-l10n-vi, p-cpe:/a:novell:opensuse:libreoffice-l10n-xh, p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-cn, p-cpe:/a:novell:opensuse:libreoffice-l10n-zh-tw, p-cpe:/a:novell:opensuse:libreoffice-l10n-zu, p-cpe:/a:novell:opensuse:libreoffice-mailmerge, p-cpe:/a:novell:opensuse:libreoffice-math, p-cpe:/a:novell:opensuse:libreoffice-math-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-officebean, p-cpe:/a:novell:opensuse:libreoffice-officebean-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-pyuno, p-cpe:/a:novell:opensuse:libreoffice-pyuno-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-sdk, p-cpe:/a:novell:opensuse:libreoffice-sdk-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-writer, p-cpe:/a:novell:opensuse:libreoffice-writer-debuginfo

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 11/12/2012

Reference Information

CVE: CVE-2012-4233