New LibreOffice Vulnerability Patched in Ubuntu 16.04 LTS, Debian and Arch Linux
Today, June 30, 2016, Canonical has published a new security notice to inform users of the Ubuntu Linux operating system that the latest LibreOffice builds have landed in the repositories.
According to Ubuntu Security Notice USN-3022-1, LibreOffice 5.1.4 is now available for Ubuntu 16.04 LTS (Xenial Xerus), LibreOffice 5.0.6 for Ubuntu 15.10 (Wily Werewolf), and LibreOffice 3.5.7 for Ubuntu 12.04 LTS (Precise Pangolin), patching a security issue that could allow an attacker to crash the software or run malicious programs as your login.
“It was discovered that LibreOffice incorrectly handled RTF document files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code,” says Canonical. The issue was discovered by Aleksandar Nikolic, according to the Debian Security Advisory DSA-3608-1.
The latest LibreOffice 5.1.4 packages have also landed in the Arch Linux repositories, and it looks like the Debian Project has pushed LibreOffice 4.3.3-2+deb8u5 to the Debian GNU/Linux 8.5 “Jessie” repos, as well as LibreOffice 5.1.4~rc1-1 to Debian GNU/Linux 9 “Stretch” (Debian Testing) and Debian Sid (Unstable).
LibreOffice 5.1.4 is now the most stable version
All users who have LibreOffice installed on their Ubuntu, Debian, or Arch Linux operating systems are urged to update to the latest versions mentioned above as soon as possible. The latest LibreOffice suite should also make its way into the repositories of other GNU/Linux distributions soon, so make sure that you always keep your system up to date.
For example, you can install the latest LibreOffice version on the Solus operating system as well. LibreOffice 5.1.4 was announced last week, on June 23, and it brought over 130 bugfixes. You can also download the new LibreOffce version from our website, forGNU/Linux, Mac OS X, and Microsoft Windows operating systems.
Source | SoftPedia