lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 15 Aug 2019 20:05:33 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4501-1] libreoffice security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4501-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 15, 2019                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreoffice
CVE ID         : CVE-2019-9850 CVE-2019-9851 CVE-2019-9852

It was discovered that the code fixes to address CVE-2018-16858 and
CVE-2019-9848 were not complete.

For the oldstable distribution (stretch), these problems have been fixed
in version 1:5.2.7-1+deb9u10.

For the stable distribution (buster), these problems have been fixed in
version 1:6.1.5-3+deb10u3.

We recommend that you upgrade your libreoffice packages.

For the detailed security status of libreoffice please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libreoffice

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl1VupsACgkQEMKTtsN8
Tja6Aw//TjIt4TReg1H4Wg3fMRCmBn8YusujHBl8QkYRa4XtbviN/UPXV7ck8N7p
Bx/d+yc2Y1rYu0UgRWwYQPKpeyCiErY+lHUtP3X4OIkSWVPX/m3zW2bs7PS/+3DY
aaTZduypXsJBvgP03dqERJl//2hSoUAjILn8aY1JplbLMjN/MSt1lqInKmdf9Y0m
EmCWNcEiYbecDF4miKAUbKUdWr7UsysMS7wfJsydrTxBIgOt9A6mz4aqwPxGp7RS
mnaSQXY8yBvkAN7Rk+LhMPTkI172QL4j1db+RXSjulVN8cgh2DTQ5leSMXG563qu
5RfAOrlf9q7T1dmcbBEAro6cafSLpR1PMYpC35aKeTc+w5HhsS32+4QRI173MyZ+
3xBxlYVZzzXEMDpc0RXxZtzN1dv4BhvWrSBLURgd+ZSAVVbJscg9A9MiEdsPyiqA
GEus2GCJmNo1fnBwD6Ok9mhyy+sSVsCl2eBK4is2xIjLJt+2JJuDQQ6vF3DSfzPa
1HbuLGrmuLS+6GONbqUKCdRKWjmX6SY416Sn3VpyJexELyUXilqGMpYLJal93wC+
A3lVexAhEFDvsPnmkqAbtaXep68UjbGwSSw6imieXdbYh0j7Ie4OREarBKcuGzQe
wTqapvikvIM9hUDT9K9598B8GfJDmxKMSAydDVeUqQCxWxdM8IM=
=Vlh7
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ