Bugzilla – Bug 936190
VUL-0: CVE-2015-5213: LibreOffice: "Piece Table Counter" Invalid Check Design Error Vulnerability
Last modified: 2016-07-01 14:13:34 UTC
public via openoffice.org https://www.openoffice.org/security/cves/CVE-2015-5213.html A crafted Microsoft Word DOC file can be used to specify a document buffer that is too small for the amount of data provided for it. Failure to detect the discrepancy allows an attacker to cause denial of service (memory corruption and application crash) and possible execution of arbitrary code.
SUSE-SU-2015:1915-1: An update that solves 7 vulnerabilities and has 16 fixes is now available. Category: security (moderate) Bug References: 470073,806250,829430,890735,900186,900877,907966,910805,910806,913042,914911,915996,916181,918852,919409,926375,929793,934423,936188,936190,940838,943075,945692 CVE References: CVE-2014-8146,CVE-2014-8147,CVE-2015-1774,CVE-2015-4551,CVE-2015-5212,CVE-2015-5213,CVE-2015-5214 Sources used: SUSE Linux Enterprise Workstation Extension 12 (src): apache-commons-logging-1.1.3-7.1, cmis-client-0.5.0-5.1, flute-1.3.0-4.2, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libbase-1.1.3-4.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfonts-1.1.3-4.9, libformula-1.1.3-4.3, libfreehand-0.1.1-4.9, libgltf-0.0.1-2.1, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, liblayout-0.2.10-4.8, libloader-1.1.3-3.2, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, libpagemaker-0.0.2-2.3, libreoffice-5.0.2.2-13.14, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-6.3, librepository-1.1.3-4.3, librevenge-0.0.2-4.1, libserializer-1.1.2-4.3, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2, myspell-dictionaries-20150827-5.1, pentaho-libxml-1.1.3-4.3, pentaho-reporting-flow-engine-0.9.4-4.5, sac-1.3-4.1 SUSE Linux Enterprise Software Development Kit 12 (src): cmis-client-0.5.0-5.1, graphite2-1.3.1-3.1, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfreehand-0.1.1-4.9, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, librevenge-0.0.2-4.1, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2 SUSE Linux Enterprise Server 12 (src): apache-commons-logging-1.1.3-7.1, graphite2-1.3.1-3.1 SUSE Linux Enterprise Desktop 12 (src): apache-commons-logging-1.1.3-7.1, cmis-client-0.5.0-5.1, flute-1.3.0-4.2, graphite2-1.3.1-3.1, hyphen-2.8.8-9.1, libabw-0.1.1-5.3, libbase-1.1.3-4.3, libcdr-0.1.1-5.3, libe-book-0.1.2-4.2, libetonyek-0.1.3-3.5, libfonts-1.1.3-4.9, libformula-1.1.3-4.3, libfreehand-0.1.1-4.9, libgltf-0.0.1-2.1, libixion-0.9.1-3.1, liblangtag-0.5.7-3.1, liblayout-0.2.10-4.8, libloader-1.1.3-3.2, libmspub-0.1.2-5.1, libmwaw-0.3.6-3.3, libodfgen-0.1.4-3.9, liborcus-0.7.1-3.1, libpagemaker-0.0.2-2.3, libreoffice-5.0.2.2-13.14, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-6.3, librepository-1.1.3-4.3, librevenge-0.0.2-4.1, libserializer-1.1.2-4.3, libvisio-0.1.3-4.3, libvoikko-3.7.1-3.1, libwps-0.4.1-3.1, malaga-suomi-1.18-3.2, myspell-dictionaries-20150827-5.1, pentaho-libxml-1.1.3-4.3, pentaho-reporting-flow-engine-0.9.4-4.5, sac-1.3-4.1
This is an autogenerated message for OBS integration: This bug (936190) was mentioned in https://build.opensuse.org/request/show/342524 Factory / libreoffice
This is an autogenerated message for OBS integration: This bug (936190) was mentioned in https://build.opensuse.org/request/show/343268 Factory / libreoffice
This is an autogenerated message for OBS integration: This bug (936190) was mentioned in https://build.opensuse.org/request/show/343412 Leap:42.1 / libreoffice
This is an autogenerated message for OBS integration: This bug (936190) was mentioned in https://build.opensuse.org/request/show/343845 Leap:42.1 / libreoffice.1176.openSUSE_Leap_42.1_Update
SUSE-SU-2016:0324-1: An update that solves 7 vulnerabilities and has 19 fixes is now available. Category: security (moderate) Bug References: 306333,547549,668145,679938,681560,688200,718113,806250,857026,889755,890735,907636,907966,910805,910806,914911,934423,936188,936190,939996,940838,943075,945047,945692,951579,954345 CVE References: CVE-2014-8146,CVE-2014-8147,CVE-2014-9093,CVE-2015-4551,CVE-2015-5212,CVE-2015-5213,CVE-2015-5214 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): google-carlito-fonts-1.1.03.beta1-2.1, hyphen-2.8.8-2.1, libreoffice-5.0.4.2-23.1, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-2.26, libvoikko-3.7.1-5.2, myspell-dictionaries-20150827-23.1, mythes-1.2.4-2.1, python-importlib-1.0.2-0.8.1 SUSE Linux Enterprise Desktop 11-SP4 (src): google-carlito-fonts-1.1.03.beta1-2.1, hyphen-2.8.8-2.1, libreoffice-5.0.4.2-23.1, libreoffice-share-linker-1-2.1, libreoffice-voikko-4.1-2.26, libvoikko-3.7.1-5.2, myspell-dictionaries-20150827-23.1, mythes-1.2.4-2.1, python-importlib-1.0.2-0.8.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): hyphen-2.8.8-2.1, libreoffice-5.0.4.2-23.1, libvoikko-3.7.1-5.2, mythes-1.2.4-2.1
released
openSUSE-SU-2016:0588-1: An update that solves 9 vulnerabilities and has 15 fixes is now available. Category: security (moderate) Bug References: 679938,829430,889755,897903,900186,900214,900218,907636,910805,910806,915996,916181,926375,929793,934423,936188,936190,939996,940838,943075,945047,945692,951579,954345 CVE References: CVE-2014-3693,CVE-2014-8146,CVE-2014-8147,CVE-2014-9093,CVE-2015-4551,CVE-2015-45513,CVE-2015-5212,CVE-2015-5213,CVE-2015-5214 Sources used: openSUSE 13.2 (src): cmis-client-0.5.0-4.3.2, libetonyek-0.1.3-2.3.2, libmwaw-0.3.6-2.7.2, libodfgen-0.1.4-2.3.2, libpagemaker-0.0.2-2.2, libreoffice-5.0.4.2-28.1, libreoffice-share-linker-1-2.2, libwps-0.4.1-2.4.2, mdds-0.12.1-2.4.2