Security update for libwpd SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:2943-1 Final 1 1 2017-11-07T00:52:38Z current 2017-11-07T00:52:38Z 2017-11-07T00:52:38Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libwpd This update for libwpd fixes the following issues: Security issue fixed: - CVE-2017-14226: WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application. (bnc#1058025) Bugfixes: - Fix various crashes, leaks and hangs when reading damaged files found by oss-fuzz. - Fix crash when NULL is passed as input stream. - Use symbol visibility on Linux. The library only exports public functions now. - Avoid infinite loop. (libwpd#3) - Remove bashism. (libwpd#5) - Fix various crashes and hangs when reading broken files found with the help of american-fuzzy-lop. - Make --help output of all command line tools more help2man-friendly. - Miscellaneous fixes and cleanups. - Generate manpages for the libwpd-tools This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00009.html E-Mail link for openSUSE-SU-2017:2943-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 libwpd-0.10.2-8.1 libwpd-0_10-10-0.10.2-8.1 libwpd-devel-0.10.2-8.1 libwpd-devel-doc-0.10.2-8.1 libwpd-tools-0.10.2-8.1 libwpd-0.10.2-8.1 as a component of openSUSE Leap 42.2 libwpd-0_10-10-0.10.2-8.1 as a component of openSUSE Leap 42.2 libwpd-devel-0.10.2-8.1 as a component of openSUSE Leap 42.2 libwpd-devel-doc-0.10.2-8.1 as a component of openSUSE Leap 42.2 libwpd-tools-0.10.2-8.1 as a component of openSUSE Leap 42.2 libwpd-0.10.2-8.1 as a component of openSUSE Leap 42.3 libwpd-0_10-10-0.10.2-8.1 as a component of openSUSE Leap 42.3 libwpd-devel-0.10.2-8.1 as a component of openSUSE Leap 42.3 libwpd-devel-doc-0.10.2-8.1 as a component of openSUSE Leap 42.3 libwpd-tools-0.10.2-8.1 as a component of openSUSE Leap 42.3 WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application. CVE-2017-14226 openSUSE Leap 42.2:libwpd-0.10.2-8.1 openSUSE Leap 42.2:libwpd-0_10-10-0.10.2-8.1 openSUSE Leap 42.2:libwpd-devel-0.10.2-8.1 openSUSE Leap 42.2:libwpd-devel-doc-0.10.2-8.1 openSUSE Leap 42.2:libwpd-tools-0.10.2-8.1 openSUSE Leap 42.3:libwpd-0.10.2-8.1 openSUSE Leap 42.3:libwpd-0_10-10-0.10.2-8.1 openSUSE Leap 42.3:libwpd-devel-0.10.2-8.1 openSUSE Leap 42.3:libwpd-devel-doc-0.10.2-8.1 openSUSE Leap 42.3:libwpd-tools-0.10.2-8.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2017-11/msg00009.html https://www.suse.com/security/cve/CVE-2017-14226.html CVE-2017-14226 https://bugzilla.suse.com/1058025 SUSE Bug 1058025