Bug 967014 - (CVE-2016-0794) VUL-1: CVE-2016-0794: libreoffice: multiple lwp issues
(CVE-2016-0794)
VUL-1: CVE-2016-0794: libreoffice: multiple lwp issues
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/161940/
CVSSv2:SUSE:CVE-2016-0795:4.3:(AV:A/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-17 08:41 UTC by Sebastian Krahmer
Modified: 2016-08-01 14:02 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastian Krahmer 2016-02-17 08:41:33 UTC
Not much description from upstream. Patches look like they are
fixing some overflows.

CVE-2016-0794


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0794
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0794.html
Comment 1 Swamp Workflow Management 2016-02-17 23:00:49 UTC
bugbot adjusting priority
Comment 2 Bernhard Wiedemann 2016-02-21 14:00:16 UTC
This is an autogenerated message for OBS integration:
This bug (967014) was mentioned in
https://build.opensuse.org/request/show/360718 Factory / libreoffice
Comment 3 Bernhard Wiedemann 2016-05-10 17:00:10 UTC
This is an autogenerated message for OBS integration:
This bug (967014) was mentioned in
https://build.opensuse.org/request/show/394672 13.2 / libreoffice
Comment 4 Swamp Workflow Management 2016-05-27 13:12:49 UTC
openSUSE-SU-2016:1415-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 967014,967015
CVE References: CVE-2016-0794,CVE-2016-0795
Sources used:
openSUSE 13.2 (src):    libreoffice-5.0.6.3-31.3
Comment 5 Swamp Workflow Management 2016-07-01 16:09:37 UTC
SUSE-SU-2016:1728-1: An update that solves two vulnerabilities and has 9 fixes is now available.

Category: security (moderate)
Bug References: 718113,856729,939998,945443,945445,955832,965294,965296,967014,967015,977784
CVE References: CVE-2016-0794,CVE-2016-0795
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    boost-1.54.0-15.1, cmis-client-0.5.1-8.2, hyphen-2.8.8-12.1, libetonyek-0.1.6-6.3, libixion-0.11.0-6.2, liborcus-0.11.0-6.1, libreoffice-5.1.3.2-22.9, libvisio-0.1.5-7.1, libwps-0.4.2-6.1, myspell-dictionaries-20160511-11.1, openCOLLADA-1_3335ac1-2.1
SUSE Linux Enterprise Workstation Extension 12 (src):    boost-1.54.0-15.1, cmis-client-0.5.1-8.2, hyphen-2.8.8-12.1, libetonyek-0.1.6-6.3, libixion-0.11.0-6.2, liborcus-0.11.0-6.1, libreoffice-5.1.3.2-22.9, libvisio-0.1.5-7.1, libwps-0.4.2-6.1, myspell-dictionaries-20160511-11.1, openCOLLADA-1_3335ac1-2.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    boost-1.54.0-15.1, cmis-client-0.5.1-8.2, hunspell-1.3.2-18.1, hyphen-2.8.8-12.1, libetonyek-0.1.6-6.3, libixion-0.11.0-6.2, liborcus-0.11.0-6.1, libvisio-0.1.5-7.1, libwps-0.4.2-6.1
SUSE Linux Enterprise Software Development Kit 12 (src):    boost-1.54.0-15.1, cmis-client-0.5.1-8.2, hunspell-1.3.2-18.1, hyphen-2.8.8-12.1, libetonyek-0.1.6-6.3, libixion-0.11.0-6.2, liborcus-0.11.0-6.1, libvisio-0.1.5-7.1, libwps-0.4.2-6.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    boost-1.54.0-15.1, cmis-client-0.5.1-8.2, hunspell-1.3.2-18.1, hyphen-2.8.8-12.1, libetonyek-0.1.6-6.3, libixion-0.11.0-6.2, liborcus-0.11.0-6.1, libreoffice-5.1.3.2-22.9, libvisio-0.1.5-7.1, libwps-0.4.2-6.1, myspell-dictionaries-20160511-11.1, openCOLLADA-1_3335ac1-2.1
SUSE Linux Enterprise Desktop 12 (src):    boost-1.54.0-15.1, cmis-client-0.5.1-8.2, hunspell-1.3.2-18.1, hyphen-2.8.8-12.1, libetonyek-0.1.6-6.3, libixion-0.11.0-6.2, liborcus-0.11.0-6.1, libreoffice-5.1.3.2-22.9, libvisio-0.1.5-7.1, libwps-0.4.2-6.1, myspell-dictionaries-20160511-11.1, openCOLLADA-1_3335ac1-2.1
Comment 6 Swamp Workflow Management 2016-07-14 22:09:25 UTC
openSUSE-SU-2016:1805-1: An update that solves two vulnerabilities and has 9 fixes is now available.

Category: security (moderate)
Bug References: 718113,856729,939998,945443,945445,955832,965294,965296,967014,967015,977784
CVE References: CVE-2016-0794,CVE-2016-0795
Sources used:
openSUSE Leap 42.1 (src):    cmis-client-0.5.1-3.1, hunspell-1.3.2-5.1, hyphen-2.8.8-6.1, libetonyek-0.1.6-3.2, libixion-0.11.0-3.1, liborcus-0.11.0-4.1, libreoffice-5.1.3.2-8.1, libvisio-0.1.5-3.1, libwps-0.4.2-3.1, mdds-1_0-1.1.0-2.1, myspell-dictionaries-20160511-4.1
Comment 7 Marcus Meissner 2016-08-01 14:02:09 UTC
reelased I think