Thursday, September 19, 2024

[USN-7025-1] LibreOffice vulnerability

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmbsSAIACgkQZWnYVadE
vpPJpg/9HNFBGhpYi3Y3Hq1i68bBzSRfOLNJbqnEfJy8mN/HB3VNfLtDXbiJmnIe
4QcGgaxT9Wuay8DRSG/vqsnZb2toRrDwrg9a8kyP4v3P7sN0gzj8F4B7hnWFNOHs
xPXVezNWV/YA6dqdUCoerLuikDtzSMfMb6NyIJIcJmofj7+jQzUd0z3qz/SPX1cd
qr0okgyL/Weticx/MHenmRJ3I0hCilxvS20M9oYtBKM54pj4D9S10PpEfLsAJDe5
oyivC4ImAl3cAe/csFhO/s98ClMm3gWFy0H4BAP49mgVdTpT1Dpvw4InSOvxL7+g
BY63v6RBzz9+/lEEchZXjZLbuAfYyoVs9l/whZKXQ/wdaNjKQzuHHIR24zrgUrmU
0i86ywiI05Z+Xmmmq7eErzdYzMcSBAypTP1uRk3EkKf8ZY8kwUORRm3DFC85nGpr
2QVrZVwSWI4yMSvn2WrnpboTfpqZjYpnxyj+NTmlIBED6bANcmYhE20O2LLdEb2x
Mw01CkIO23BgEzUM8sTe8PGKJb+5GZMG2ZyovGIeS1n8bo1BnP8qADCDd/ZY0WbM
KoKnDwdyJ9Grx0ZdtT59LWrTY7DvaCNNFzjlOgtrKdmIBqXwwqY3IHl9RG6fUKED
HXB6OMGu/qYWT7Rx8XqwEsIKFhvEH18qUGp/xVXWajldbQrJUO8=
=AHHK
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7025-1
September 19, 2024

libreoffice vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

LibreOffice could accept fraudulent digital signatures.

Software Description:
- libreoffice: Office productivity suite

Details:

It was discovered that LibreOffice would incorrectly handle digital
signature verification after repairing a corrupted document. A remote
attacker could possibly use this issue to forge valid signatures.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
libreoffice 1:7.3.7-0ubuntu0.22.04.7

Ubuntu 20.04 LTS
libreoffice 1:6.4.7-0ubuntu0.20.04.12

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7025-1
CVE-2024-7788

Package Information:
https://launchpad.net/ubuntu/+source/libreoffice/1:7.3.7-0ubuntu0.22.04.7
https://launchpad.net/ubuntu/+source/libreoffice/1:6.4.7-0ubuntu0.20.04.12

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)