UbuntuUpdates.org

Package "libreoffice"

Name: libreoffice

Description:

office productivity suite (metapackage)

Latest version: 1:6.2.6-0ubuntu0.19.04.1
Release: disco (19.04)
Level: security
Repository: universe
Homepage: http://www.libreoffice.org

Links

Save this URL for the latest version of "libreoffice": https://www.ubuntuupdates.org/libreoffice


Download "libreoffice"


Other versions of "libreoffice" in Disco

Repository Area Version
base main 6.2.2-0ubuntu2
base universe 1:6.2.2-0ubuntu2
security main 6.2.6-0ubuntu0.19.04.1
updates universe 1:6.2.6-0ubuntu0.19.04.1
updates main 6.2.6-0ubuntu0.19.04.1
PPA: Mint Import 1:4.4.3~rc2-0ubuntu1~trusty1
PPA: Mint Import 1:5.0.3~rc2-0ubuntu1~trusty2
PPA: LibreOffice 1:6.3.0-0ubuntu0.19.04.1~lo1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:6.2.6-0ubuntu0.19.04.1 2019-08-19 13:09:04 UTC

  libreoffice (1:6.2.6-0ubuntu0.19.04.1) disco-security; urgency=medium

  * New upstream release
  * Fixes CVE-2019-9850: Insufficient url validation allowing LibreLogo script execution
  * Fixes CVE-2019-9851: LibreLogo global-event script execution
  * Fixes CVE-2019-9852: Insufficient URL encoding flaw in allowed script location check

 -- Marcus Tomlinson <email address hidden> Wed, 14 Aug 2019 21:18:47 +0100

Source diff to previous version
CVE-2019-9850 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained
CVE-2019-9851 LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained
CVE-2019-9852 LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document

Version: 1:6.2.5-0ubuntu0.19.04.1 2019-07-17 19:07:05 UTC

  libreoffice (1:6.2.5-0ubuntu0.19.04.1) disco-security; urgency=medium

  * New upstream release (LP: #1836759)
  * Fixes CVE-2019-9848: LibreLogo arbitrary script execution
  * Fixes CVE-2019-9849: Remote bullet graphics retrieved in 'stealth mode'

 -- Marcus Tomlinson <email address hidden> Tue, 16 Jul 2019 16:02:55 +0100

1836759 [SRU] libreoffice 6.2.5 for disco
CVE-2019-9848 LibreLogo arbitrary script execution
CVE-2019-9849 remote bullet graphics retrieved in 'stealth mode'



About   -   Send Feedback to @ubuntu_updates