[SECURITY] [DSA 5252-1] libreoffice security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5252-1] libreoffice security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 12 Oct 2022 17:35:07 +0000
Message-id: <Y0b6y0/9obOmwknu@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5252-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 12, 2022                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreoffice
CVE ID         : CVE-2022-3140

It was discovered that insufficient validation of
"vnd.libreoffice.command" URI schemes could result in the execution of
arbitrary macro commands.

For the stable distribution (bullseye), this problem has been fixed in
version 1:7.0.4-4+deb11u4.

We recommend that you upgrade your libreoffice packages.

For the detailed security status of libreoffice please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libreoffice

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNG+qAACgkQEMKTtsN8
Tja3uRAAkiNgui3BXi1QzYKs8IV7gWHqaGh2Yha+I0jksPzSPpIujCPo7p7EXSs8
Lm0y36dxT0rl3cokZtlNmDb0WgU7NVIgiu8+sI1jQuob1MT6vAN7BJUDOzzXxWUF
736lg9cJexJCOk+DHZq9oTW6bT0s+e+nAXixhsr4ZphrllMasbvm+LyB5hYRsyVx
A3tR+Be7bwaflqRVLIYTozL3K6pXeQvcZp7BjEyxMwgZ01+A+h44CmG+fBnVbE87
dX0GHonx8N41eodaXRX0rUq8RESPSkKj7cuqopta3YQkQIwZ6ZxsN4rPSKidZXEl
f+31/H3sw9ckhv8ShgpIpzdqZ0ehVoth0zDo+X/ZGEmFEsDHnt7GtSAyk5/w6Hw9
5gwMdQSlrWTHUGLw0ER9bHSXJYlhqUZ92WnCkHKsGYXkdoMpm2zXP3qZjXXkw2rg
a3F9M61uOEYwNuKWpTCN3kfOUm8ym7DhyXqRkn2+1CQ3jpdqgXGK4/7NF3J224hA
ARvnaYFo9JVCuRabznkWZJ1fI0+AjsEdya060X+TlkAX5JWHS5oJHrBOqbCugj3j
3dPKd1IFDkiN78dAsePpUo6m9UOEYV75vBkvKtyQ1nuexF9MOawycPbiEelwE3fk
GnyVTdww4lX+pXAs+N8IBv+Ydw8SNAVDsy6sRxpzBTBwa3+Xnf0=
=rIOZ
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5251-1] isc-dhcp security update
Next by Date: [SECURITY] [DSA 5253-1] chromium security update
Previous by thread: [SECURITY] [DSA 5251-1] isc-dhcp security update
Next by thread: [SECURITY] [DSA 5253-1] chromium security update
Index(es):
- Date
- Thread