[ALSA-2020:4628] Low: libreoffice security, bug fix, and enhancement update
Type:
security
Severity:
low
Release date:
2021-11-12
Description:
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. The following packages have been upgraded to a later upstream version: libreoffice (6.3.6.2), libcmis (0.5.2), liborcus (0.14.1). (BZ#1796893) Security Fix(es): * libreoffice: 'stealth mode' remote resource restrictions bypass (CVE-2020-12802) * libreoffice: forms allowed to be submitted to any URI could result in local file overwrite (CVE-2020-12803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
i686 libcmis-0.5.2-1.el8.i686.rpm 624329841b199f773790952fe7211544615fcf36e6af26766253d099482bbd71
ppc64le libcmis-0.5.2-1.el8.ppc64le.rpm 581d75c2b1316d26f411f2e650552f19e2e68bc664dcd90dd5ba18bde0b34fe2
x86_64 libreoffice-sdk-6.3.6.2-3.el8.alma.x86_64.rpm 143535ccf197cb6d5d852ca23de2cc1c7fa9cd8a08d00d5d99d9ddace8c27944
x86_64 libreoffice-sdk-doc-6.3.6.2-3.el8.alma.x86_64.rpm 23d91d944b3fa30a9b703d4e2c6b5b07ff08d9ad9a6bc61c6134b5705068ed92
x86_64 libcmis-0.5.2-1.el8.x86_64.rpm ade93d9c097064f1910b7e4a632bfb07bce59ad09d07c74814ab975a1a0586e0
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.