Bugzilla – Bug 936188
VUL-0: CVE-2015-5212: LibreOffice: "PrinterSetup Length" Integer Underflow Vulnerability
Last modified: 2016-07-01 14:13:25 UTC
public on openoffice.org website: https://www.openoffice.org/security/cves/CVE-2015-5212.html A crafted ODF document can be used to create a buffer that is too small for the amount of data loaded into it, allowing an attacker to cause denial of service (memory corruption and application crash) and possible execution of arbitrary code.
SUSE-SU-2015:1915-1: An update that solves 7 vulnerabilities and has 16 fixes is now available. Category: security (moderate) Bug References: 470073,806250,829430,890735,900186,900877,907966,910805,910806,913042,914911,915996,916181,918852,919409,926375,929793,934423,936188,936190,940838,943075,945692 CVE References: CVE-2014-8146,CVE-2014-8147,CVE-2015-1774,CVE-2015-4551,CVE-2015-5212,CVE-2015-5213,CVE-2015-5214 Sources used: SUSE Linux Enterprise Workstation Extension 12 (src): apache-commons-logging-1.1.3-7.1, cmis-client-0.5.0-5.1, flute-1.3.0-4.2, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libbase-1.1.3-4.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfonts-1.1.3-4.9, libformula-1.1.3-4.3, libfreehand-0.1.1-4.9, libgltf-0.0.1-2.1, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, liblayout-0.2.10-4.8, libloader-1.1.3-3.2, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, libpagemaker-0.0.2-2.3, libreoffice-5.0.2.2-13.14, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-6.3, librepository-1.1.3-4.3, librevenge-0.0.2-4.1, libserializer-1.1.2-4.3, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2, myspell-dictionaries-20150827-5.1, pentaho-libxml-1.1.3-4.3, pentaho-reporting-flow-engine-0.9.4-4.5, sac-1.3-4.1 SUSE Linux Enterprise Software Development Kit 12 (src): cmis-client-0.5.0-5.1, graphite2-1.3.1-3.1, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfreehand-0.1.1-4.9, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, librevenge-0.0.2-4.1, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2 SUSE Linux Enterprise Server 12 (src): apache-commons-logging-1.1.3-7.1, graphite2-1.3.1-3.1 SUSE Linux Enterprise Desktop 12 (src): apache-commons-logging-1.1.3-7.1, cmis-client-0.5.0-5.1, flute-1.3.0-4.2, graphite2-1.3.1-3.1, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libbase-1.1.3-4.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfonts-1.1.3-4.9, libformula-1.1.3-4.3, libfreehand-0.1.1-4.9, libgltf-0.0.1-2.1, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, liblayout-0.2.10-4.8, libloader-1.1.3-3.2, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, libpagemaker-0.0.2-2.3, libreoffice-5.0.2.2-13.14, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-6.3, librepository-1.1.3-4.3, librevenge-0.0.2-4.1, libserializer-1.1.2-4.3, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2, myspell-dictionaries-20150827-5.1, pentaho-libxml-1.1.3-4.3, pentaho-reporting-flow-engine-0.9.4-4.5, sac-1.3-4.1
This is an autogenerated message for OBS integration: This bug (936188) was mentioned in https://build.opensuse.org/request/show/342524 Factory / libreoffice
This is an autogenerated message for OBS integration: This bug (936188) was mentioned in https://build.opensuse.org/request/show/343268 Factory / libreoffice
This is an autogenerated message for OBS integration: This bug (936188) was mentioned in https://build.opensuse.org/request/show/343412 Leap:42.1 / libreoffice
This is an autogenerated message for OBS integration: This bug (936188) was mentioned in https://build.opensuse.org/request/show/343845 Leap:42.1 / libreoffice.1176.openSUSE_Leap_42.1_Update
SUSE-SU-2016:0324-1: An update that solves 7 vulnerabilities and has 19 fixes is now available. Category: security (moderate) Bug References: 306333,547549,668145,679938,681560,688200,718113,806250,857026,889755,890735,907636,907966,910805,910806,914911,934423,936188,936190,939996,940838,943075,945047,945692,951579,954345 CVE References: CVE-2014-8146,CVE-2014-8147,CVE-2014-9093,CVE-2015-4551,CVE-2015-5212,CVE-2015-5213,CVE-2015-5214 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): google-carlito-fonts-1.1.03.beta1-2.1, hyphen-2.8.8-2.1, libreoffice-5.0.4.2-23.1, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-2.26, libvoikko-3.7.1-5.2, myspell-dictionaries-20150827-23.1, mythes-1.2.4-2.1, python-importlib-1.0.2-0.8.1 SUSE Linux Enterprise Desktop 11-SP4 (src): google-carlito-fonts-1.1.03.beta1-2.1, hyphen-2.8.8-2.1, libreoffice-5.0.4.2-23.1, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-2.26, libvoikko-3.7.1-5.2, myspell-dictionaries-20150827-23.1, mythes-1.2.4-2.1, python-importlib-1.0.2-0.8.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): hyphen-2.8.8-2.1, libreoffice-5.0.4.2-23.1, libvoikko-3.7.1-5.2, mythes-1.2.4-2.1
released
openSUSE-SU-2016:0588-1: An update that solves 9 vulnerabilities and has 15 fixes is now available. Category: security (moderate) Bug References: 679938,829430,889755,897903,900186,900214,900218,907636,910805,910806,915996,916181,926375,929793,934423,936188,936190,939996,940838,943075,945047,945692,951579,954345 CVE References: CVE-2014-3693,CVE-2014-8146,CVE-2014-8147,CVE-2014-9093,CVE-2015-4551,CVE-2015-45513,CVE-2015-5212,CVE-2015-5213,CVE-2015-5214 Sources used: openSUSE 13.2 (src): cmis-client-0.5.0-4.3.2, libetonyek-0.1.3-2.3.2, libmwaw-0.3.6-2.7.2, libodfgen-0.1.4-2.3.2, libpagemaker-0.0.2-2.2, libreoffice-5.0.4.2-28.1, libreoffice-share-linker-1-2.2, libwps-0.4.1-2.4.2, mdds-0.12.1-2.4.2