Several security issues were fixed in LibreOffice.
Federico Scrinzi discovered that LibreOffice incorrectly handled documents inserted into Writer or Calc via links. If a user were tricked into opening a specially crafted document, a remote attacker could possibly obtain the contents of arbitrary files. (CVE-2015-4551)
5 November 2015
A security issue affects these releases of Ubuntu and its derivatives:
Several security issues were fixed in LibreOffice.
Federico Scrinzi discovered that LibreOffice incorrectly handled documents inserted into Writer or Calc via links. If a user were tricked into opening a specially crafted document, a remote attacker could possibly obtain the contents of arbitrary files. (CVE-2015-4551)
It was discovered that LibreOffice incorrectly handled PrinterSetup data stored in ODF files. If a user were tricked into opening a specially crafted ODF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2015-5212)
It was discovered that LibreOffice incorrectly handled the number of pieces in DOC files. If a user were tricked into opening a specially crafted DOC document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2015-5213)
It was discovered that LibreOffice incorrectly handled bookmarks in DOC files. If a user were tricked into opening a specially crafted DOC document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2015-5214)
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart LibreOffice to make all the necessary changes.
Vulmon