USN-4063-1: LibreOffice vulnerabilities

17 July 2019

Several security issues were fixed in LibreOffice.




Nils Emmerich discovered that LibreOffice incorrectly handled LibreLogo
scripts. If a user were tricked into opening a specially crafted document,
a remote attacker could cause LibreOffice to execute arbitrary code.

Matei "Mal" Badanoiu discovered that LibreOffice incorrectly handled
stealth mode. Contrary to expectations, bullet graphics could be retrieved
from remote locations when running in stealth mode. (CVE-2019-9849)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
Ubuntu 18.04
Ubuntu 16.04

After a standard system update you need to restart LibreOffice to make all
the necessary changes.