Bugzilla – Bug 919409
VUL-0: CVE-2015-1774: LibreOffice: hwpfilter picture type vulnerability
Last modified: 2018-05-03 22:38:22 UTC
bugbot adjusting priority
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2015-04-08. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/61296
public via http://listarchives.documentfoundation.org/www/announce/msg00228.html

> Date: Sun, 26 Apr 2015 15:57:14 +0200
> From: Italo Vignoli <italo.vignoli@documentfoundation.org>
> To: announce@documentfoundation.org
> Subject: [tdf-announce] CVE-2015-1774
>
> LibreOffice 4.3.7, announced yesterday, and LibreOffice 4.4.2, announced
> in early April, include a security patch for CVE-2015-1774 OpenOffice
> HWP Filter Remote Execution and DoS Vulnerability.
>
> A vulnerability in OpenOffice's HWP (Hangul Word Processor) filter
> allows attackers to cause a denial of service (memory corruption and
> application crash) or possibly the execution of arbitrary code by
> preparing specially crafted documents in the HWP document format in
> versions from 1997 or older.
>
> Users are invited to update their version of LibreOffice to 4.3.7
> "Still" or 4.4.2 "Fresh", in order to protect their system from the
> potential effects of this vulnerability.

A mitigation is mentioned on http://markmail.org/message/led5pdey7pbyhhtc for the sibling Apache OpenOffice:

> Mitigation:
>
> [...] users are advised to remove the problematic library [...]
> [...] on Linux it is named "libhwp.so". [...]
> This mitigation will drop AOO's support for documents created in "Hangul
> Word Processor" versions from 1997 or older. Users of such documents are
> advised to convert their documents to other document formats such as
> OpenDocument before doing so.
openSUSE-SU-2015:0859-1: An update that solves one vulnerability and has one errata is now available.
Category: security (moderate)
Bug References: 881214,919409
CVE References: CVE-2015-1774
Sources used:
openSUSE 13.2 (src): libreoffice-4.3.7.2-18.1
SUSE-SU-2015:1915-1: An update that solves 7 vulnerabilities and has 16 fixes is now available.
Category: security (moderate)
Bug References: 470073,806250,829430,890735,900186,900877,907966,910805,910806,913042,914911,915996,916181,918852,919409,926375,929793,934423,936188,936190,940838,943075,945692
CVE References: CVE-2014-8146,CVE-2014-8147,CVE-2015-1774,CVE-2015-4551,CVE-2015-5212,CVE-2015-5213,CVE-2015-5214
Sources used:
SUSE Linux Enterprise Workstation Extension 12 (src): apache-commons-logging-1.1.3-7.1, cmis-client-0.5.0-5.1, flute-1.3.0-4.2, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libbase-1.1.3-4.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfonts-1.1.3-4.9, libformula-1.1.3-4.3, libfreehand-0.1.1-4.9, libgltf-0.0.1-2.1, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, liblayout-0.2.10-4.8, libloader-1.1.3-3.2, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, libpagemaker-0.0.2-2.3, libreoffice-5.0.2.2-13.14, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-6.3, librepository-1.1.3-4.3, librevenge-0.0.2-4.1, libserializer-1.1.2-4.3, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2, myspell-dictionaries-20150827-5.1, pentaho-libxml-1.1.3-4.3, pentaho-reporting-flow-engine-0.9.4-4.5, sac-1.3-4.1
SUSE Linux Enterprise Software Development Kit 12 (src): cmis-client-0.5.0-5.1, graphite2-1.3.1-3.1, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfreehand-0.1.1-4.9, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, librevenge-0.0.2-4.1, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2
SUSE Linux Enterprise Server 12 (src): apache-commons-logging-1.1.3-7.1, graphite2-1.3.1-3.1
SUSE Linux Enterprise Desktop 12 (src): apache-commons-logging-1.1.3-7.1, cmis-client-0.5.0-5.1, flute-1.3.0-4.2, graphite2-1.3.1-3.1, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libbase-1.1.3-4.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfonts-1.1.3-4.9, libformula-1.1.3-4.3, libfreehand-0.1.1-4.9, libgltf-0.0.1-2.1, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, liblayout-0.2.10-4.8, libloader-1.1.3-3.2, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, libpagemaker-0.0.2-2.3, libreoffice-5.0.2.2-13.14, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-6.3, librepository-1.1.3-4.3, librevenge-0.0.2-4.1, libserializer-1.1.2-4.3, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2, myspell-dictionaries-20150827-5.1, pentaho-libxml-1.1.3-4.3, pentaho-reporting-flow-engine-0.9.4-4.5, sac-1.3-4.1
Was not listed for SLED 11 SP4, but I assume that is also fixed.