Moderate: libreoffice security update

Synopsis

Moderate: libreoffice security update

Type/Severity

Security Advisory: Moderate

Topic

Updated libreoffice packages that fixes multiple security issues are now
available for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

Description

LibreOffice is an open source, community-developed office productivity
suite. It includes key desktop applications, such as a word processor, a
spreadsheet, a presentation manager, a formula editor, and a drawing
program. LibreOffice replaces OpenOffice and provides a similar but
enhanced and extended office suite.

It was discovered that LibreOffice did not properly restrict automatic link
updates. By tricking a victim into opening specially crafted documents, an
attacker could possibly use this flaw to disclose contents of files
accessible by the victim. (CVE-2015-4551)

An integer underflow flaw leading to a heap-based buffer overflow when
parsing PrinterSetup data was discovered. By tricking a user into opening a
specially crafted document, an attacker could possibly exploit this flaw to
execute arbitrary code with the privileges of the user opening the file.
(CVE-2015-5212)

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way LibreOffice processed certain Microsoft Word .doc files.
By tricking a user into opening a specially crafted Microsoft Word .doc
document, an attacker could possibly use this flaw to execute arbitrary
code with the privileges of the user opening the file. (CVE-2015-5213)

It was discovered that LibreOffice did not properly sanity check bookmark
indexes. By tricking a user into opening a specially crafted document, an
attacker could possibly use this flaw to execute arbitrary code with the
privileges of the user opening the file. (CVE-2015-5214)

All libreoffice users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 7.5 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 7.4 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 7.3 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 7.2 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 6.7 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 6.7 i386
• Red Hat Enterprise Linux Server - AUS 7.4 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux for IBM z Systems 6 s390x
• Red Hat Enterprise Linux for Power, big endian 6 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.7 ppc64
• Red Hat Enterprise Linux Server from RHUI 7 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 i386
• Red Hat Enterprise Linux Server - AUS 7.6 x86_64
• Red Hat Enterprise Linux Server - AUS 7.3 x86_64
• Red Hat Enterprise Linux Server - AUS 7.2 x86_64
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.7 s390x
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.4 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.3 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.2 ppc64le
• Red Hat Enterprise Linux Server - TUS 7.6 x86_64
• Red Hat Enterprise Linux Server - TUS 7.3 x86_64
• Red Hat Enterprise Linux Server - TUS 7.2 x86_64
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.3 ppc64le
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.3 x86_64
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.2 x86_64

Fixes

• BZ - 1278812 - CVE-2015-4551 libreoffice: Arbitrary file disclosure in Calc and Writer
• BZ - 1278820 - CVE-2015-5212 libreoffice: Integer underflow in PrinterSetup length
• BZ - 1278824 - CVE-2015-5213 libreoffice: Integer overflow in DOC files
• BZ - 1278827 - CVE-2015-5214 libreoffice: Bookmarks in DOC documents are insufficiently checked causing memory corruption

CVEs

• CVE-2015-5213
• CVE-2015-5212
• CVE-2015-4551
• CVE-2015-5214

References

• https://access.redhat.com/security/updates/classification/#moderate