--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-8d3f4d7b28
2018-05-11 21:12:37.978812
--------------------------------------------------------------------------------
Name : libreoffice
Product : Fedora 28
Version : 6.0.3.2
Release : 9.fc28
URL :
http://www.libreoffice.org/
Summary : Free Software Productivity Suite
Description :
LibreOffice is an Open Source, community-developed, office productivity suite.
It includes the key desktop applications, such as a word processor,
spreadsheet, presentation manager, formula editor and drawing program, with a
user interface and feature set similar to other office suites. Sophisticated
and flexible, LibreOffice also works transparently with a variety of file
formats, including Microsoft Office File Formats.
--------------------------------------------------------------------------------
Update Information:
- CVE-2018-10583 A LibreOffice document with a linked image, which is on a samba
share, will cause LibreOffice to automatically initiate a samba connection to
retrieve the image. This is by design. If end users or administrators wish to
disable this functionality this can now be disabled via
tools->options->security->options->block any links from documents not among
the
trusted locations.
--------------------------------------------------------------------------------
ChangeLog:
* Sat May 5 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-9
- tdf#117413 char doubling in calc under X
* Fri May 4 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-8
- rhbz#1575000 CVE-2018-10583 allow embedded links to smb resources
to be blocked
* Thu May 3 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-7
- rhbz#1573845 won't start without at least Langpack-en-US.xcd
* Mon Apr 30 2018 Pete Walter <pwalter(a)fedoraproject.org> - 1:6.0.3.2-6
- Rebuild for ICU 61.1
* Tue Apr 24 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-5
- Resolves: tdf#116951 rhbz#1569331 start is G_MAXINT
* Thu Apr 19 2018 Stephan Bergmann <sbergman(a)redhat.com> - 1:6.0.3.2-4
- Resolves: rhbz#1568579 LibreOffice --headless zombie process
- Related: rhbz#1569331 end should be in terms of unicode chars, not bytes
* Tue Apr 17 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-3
- Related: rhbz#1396729 use cairo_surface_create_similar
* Tue Apr 10 2018 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.0.3.2-2
- finally drop bundled xmlsec1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1575000 - CVE-2018-10583 libreoffice: Information disclosure via SMB
connection embedded in malicious file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1575000
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-8d3f4d7b28' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------