1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5873-1] libreoffice security update

    From Salvatore Bonaccorso@21:1/5 to All on Tue Mar 4 22:40:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5873-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso
    March 04, 2025 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libreoffice
    CVE ID : CVE-2025-1080

    Amel Bouziane-Leblond discovered that insufficient validation of "vnd.libreoffice.command" URI schemes could result in the execution of arbitrary macro commands.

    For the stable distribution (bookworm), this problem has been fixed in
    version 4:7.4.7-1+deb12u7.

    We recommend that you upgrade your libreoffice packages.

    For the detailed security status of libreoffice please refer to its
    security tracker page at: https://security-tracker.debian.org/tracker/libreoffice

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]

    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmfHcJdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RUYA//UF/CS3skm3ZUSUI6njwue6qrNodsqtF0/BwpVG1v3g1kX/1yUGGrPc8s DgbCPJauD1rtlyVnlB2WeVWGOjKxP0ngGZ39KOcMdLHCu/mh2UR52OnOuw0R7Gpl 3i81VYMiKSNqHu/iz/6ae9NWYCax1k5f6a2I1WBQG2Q1/u5a/Ms+MaRoss4t7E5z ZyBVFTEImTz0Mj1TrU7ZdOquWJwaLR1I/mrPI5Ln2MySl6jSgh5ngCaPHChBLtJK Glh/kU+WN7tovWiDuCltp2v/jI+SZuD8g0IDzbjZ5KsDZMNmHxxX2e8jhQeWElcH wguBofOzzIFt3k8hM1/Mmuv/WGWKIQXl3GO7ZBW29Cc5WZ3qbHsCIIL/VsjIvD3k 1ymfrEdrZj8o7UqQYr3EORnIXUc52/8KPaZEQ1Cd+bKbc9sm0PIyYGpxGdq3Biuf wY5gTHakgq9nvTWtGGAiGkGPz2ENgSUnN0+D/iF9W/elILoGza7CKqVamNgXcd7F jOd0b5RLQC00XDPVRqI9qKVTOR3F4ByD7/JtqdJEmtlU1y8heuifiujUX1iP28UJ cATKC9IeQJED2a2XDVPJ82dR0KyTX1fQfhgldNajdLW9FFKCyyfAG7KeJ1scYqBl BkC+7Mne/N5hJZeo/iyFBiM/Z0MHwntUpirh/S4aQy4Z7eIHecE=
    =Qzs3
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)