Upstream information
Description
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.SUSE information
SUSE Bugzilla entries: 1124062 [RESOLVED / FIXED], 1146107 [RESOLVED / FIXED] SUSE Security Advisories:- SUSE-SU-2019:1448-1, published
- SUSE-SU-2019:1894-1, published Thu Jul 18 13:11:19 MDT 2019
- SUSE-SU-2019:2003-1, published
- openSUSE-SU-2019:1929-1, published Sun, 18 Aug 2019 15:45:41 +0200 (CEST)
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Desktop 12 SP3 |
| Patchnames: SUSE-SLE-DESKTOP-12-SP3-2019-1448 SUSE-SLE-SDK-12-SP3-2019-1448 SUSE-SLE-WE-12-SP3-2019-1448 |
SUSE Linux Enterprise Desktop 12 SP4 |
| Patchnames: SUSE-SLE-DESKTOP-12-SP4-2019-1448 SUSE-SLE-SDK-12-SP4-2019-1448 SUSE-SLE-WE-12-SP4-2019-1448 |
SUSE Linux Enterprise Desktop 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP5 |
| Patchnames: SUSE Linux Enterprise Workstation Extension 12 SP5 GA libreoffice-6.2.7.1-43.56.3 |
SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 |
| Patchnames: SUSE-SLE-Module-Basesystem-15-SP1-2019-1894 SUSE-SLE-Product-WE-15-SP1-2019-1894 SUSE-SLE-Product-WE-15-SP1-2019-2003 |
SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Workstation Extension 15 SP2 |
| Patchnames: SUSE Linux Enterprise Workstation Extension 15 SP2 GA libreoffice-6.4.4.2-11.2 |
SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP3 |
| Patchnames: SUSE Linux Enterprise Workstation Extension 15 SP3 GA libreoffice-7.1.2.2-2.3 |
SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP4 |
| Patchnames: SUSE Linux Enterprise Workstation Extension 15 SP4 GA libreoffice-7.2.5.1-150300.14.22.18.3 |
SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 15 |
| Patchnames: SUSE-SLE-Module-Basesystem-15-2019-1894 SUSE-SLE-Product-WE-15-2019-1894 |
SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0 |
| Patchnames: SUSE-SLE-Module-Basesystem-15-SP1-2019-1894 |
SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Module for Basesystem 15 |
| Patchnames: SUSE-SLE-Module-Basesystem-15-2019-1894 |
SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3 |
| Patchnames: SUSE-SLE-SDK-12-SP3-2019-1448 SUSE-SLE-WE-12-SP3-2019-1448 |
SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4 |
| Patchnames: SUSE-SLE-SDK-12-SP4-2019-1448 SUSE-SLE-WE-12-SP4-2019-1448 |
SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP5 GA libreoffice-sdk-6.2.7.1-43.56.3 SUSE Linux Enterprise Workstation Extension 12 SP5 GA libreoffice-6.2.7.1-43.56.3 |
SUSE Linux Enterprise Software Development Kit 12 SP3 |
| Patchnames: SUSE-SLE-SDK-12-SP3-2019-1448 |
SUSE Linux Enterprise Software Development Kit 12 SP4 |
| Patchnames: SUSE-SLE-SDK-12-SP4-2019-1448 |
SUSE Linux Enterprise Software Development Kit 12 SP5 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 12 SP5 GA libreoffice-sdk-6.2.7.1-43.56.3 |
SUSE Linux Enterprise Workstation Extension 12 SP3 |
| Patchnames: SUSE-SLE-WE-12-SP3-2019-1448 |
SUSE Linux Enterprise Workstation Extension 12 SP4 |
| Patchnames: SUSE-SLE-WE-12-SP4-2019-1448 |
SUSE Linux Enterprise Workstation Extension 15 SP1 |
| Patchnames: SUSE-SLE-Product-WE-15-SP1-2019-1894 SUSE-SLE-Product-WE-15-SP1-2019-2003 |
SUSE Linux Enterprise Workstation Extension 15 |
| Patchnames: SUSE-SLE-Product-WE-15-2019-1894 |
openSUSE Leap 15.0 |
| Patchnames: openSUSE-2019-1929 |
openSUSE Leap 15.1 |
| Patchnames: openSUSE-2019-1929 |
openSUSE Leap 15.2 |
| Patchnames: openSUSE Leap 15.2 GA libreoffice-6.4.4.2-lp152.1.1 |
openSUSE Leap 15.3 |
| Patchnames: openSUSE Leap 15.3 GA libreoffice-7.1.2.2-2.3 openSUSE Leap 15.3 GA libreoffice-gtk2-6.2.7.1-8.10.1 |
openSUSE Leap 15.4 |
| Patchnames: openSUSE Leap 15.4 GA libreoffice-7.2.5.1-150300.14.22.18.3 |
openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA libreoffice-7.1.5.2-3.13 |