[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 591-1] libreoffice security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libreoffice
Version        : 3.5.4+dfsg2-0+deb7u8
CVE ID         : CVE-2016-1513


An OpenDocument Presentation .ODP or Presentation Template .OTP file
can contain invalid presentation elements that lead to memory
corruption when the document is loaded in LibreOffice Impress. The
defect may cause the document to appear as corrupted and LibreOffice
may crash in a recovery-stuck mode requiring manual intervention. A
crafted exploitation of the defect can allow an attacker to cause
denial of service (memory corruption and application crash) and
possible execution of arbitrary code.

For Debian 7 "Wheezy", this problem have been fixed in version
3.5.4+dfsg2-0+deb7u8.

We recommend that you upgrade your libreoffice packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXqbyXAAoJEPZk0la0aRp9UWcP/Al22F5NbfIONEjvWxGl1LgG
zRhIGsINBTrl/1PVyZ87L/KMPbUxev4KNazLoiKjYoqlxlb8GOUCf6n+azpMH+bl
IrLenoUrUncaf/dQyg/ftGbsgofPbAgmRP0Fw4GNcMR6PTzuaCZ12OVoDbGTO/Jo
YwHOERGS/p1s0oqPzFsag5WQx+/41eFgj44kQCQGPhCpbTwDDoO7aeOp6wlV7y4S
Dr3ObfCaHREtEBUJWBmgUqpggoYlKjfSmh3Lp+QCD1OLiP+kjAmrUyilhtWnp32E
q8Pg20wNFH5t9SFQI4E4LOnIvnyVZglH/FjpDjpSs5ljuqKw798MAEmKAa/btbbG
YjDS3vKSTARpza072uYmfK7UNVQctKzB29e69DRTlVQLZLv6/Ada1/u/E1qDez/p
6/5uu0t/FX0ewXrksCPgVLNUq1HzNyobXbs+dMFFcYKMeONfLpbK8OC2k4IcRexK
/ZNjx6Z0SNwq9Q/1iiAljvgORx/PLPjTBfx/zAQelSC0kIFSxdEw2rQVvH6QnGU7
RSCMsc6/ewWVweRHckEf3YB12agxvECmDof3XMkq1rhsYlffim+yZjkmm4FjfIWF
kM5WCZVDUHYTpxY2rQfvFmijnEvckwTNvgaClio98imOD1B4hy1TUxhwv5Ti2kJb
dec6ZMtwjvS7nlJA/8ZC
=qvnG
-----END PGP SIGNATURE-----


Reply to: