Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6962-1

Ubuntu Security Notice 6962-1 - It was discovered that LibreOffice incorrectly allowed users to enable macros when a cryptographic signature failed to validate. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary macros.

Packet Storm
#vulnerability#mac#ubuntu

==========================================================================
Ubuntu Security Notice USN-6962-1
August 15, 2024

libreoffice vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 24.04 LTS
  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS

Summary:

LibreOffice could be made to run programs if it opened a specially crafted
file.

Software Description:

  • libreoffice: Office productivity suite

Details:

It was discovered that LibreOffice incorrectly allowed users to enable
macros when a cryptographic signature failed to validate. If a user were
tricked into opening a specially crafted document, a remote attacker could
possibly execute arbitrary macros.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
libreoffice 4:24.2.5-0ubuntu0.24.04.2

Ubuntu 22.04 LTS
libreoffice 1:7.3.7-0ubuntu0.22.04.6

Ubuntu 20.04 LTS
libreoffice 1:6.4.7-0ubuntu0.20.04.11

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6962-1
CVE-2024-6472

Package Information:
https://launchpad.net/ubuntu/+source/libreoffice/4:24.2.5-0ubuntu0.24.04.2
https://launchpad.net/ubuntu/+source/libreoffice/1:7.3.7-0ubuntu0.22.04.6
https://launchpad.net/ubuntu/+source/libreoffice/1:6.4.7-0ubuntu0.20.04.11

Related news

Red Hat Security Advisory 2024-5886-03

Red Hat Security Advisory 2024-5886-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Security Advisory 2024-5608-03

Red Hat Security Advisory 2024-5608-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Security Advisory 2024-5607-03

Red Hat Security Advisory 2024-5607-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-5599-03

Red Hat Security Advisory 2024-5599-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Security Advisory 2024-5598-03

Red Hat Security Advisory 2024-5598-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-5584-03

Red Hat Security Advisory 2024-5584-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-5583-03

Red Hat Security Advisory 2024-5583-03 - An update for libreoffice is now available for Red Hat Enterprise Linux 9.

Debian Security Advisory 5737-1

Debian Linux Security Advisory 5737-1 - If LibreOffice failed to validate a signed macro, it displayed a warning but still allowed execution of the script after printing a warning. Going forward in high macro security mode such macros are now disabled.

Packet Storm: Latest News

Red Hat Security Advisory 2024-8690-03