USN-4138-1: LibreOffice vulnerability
24 September 2019
LibreOffice could be made to run programs as your login if it opened a specially crafted file.
- libreoffice - Office productivity suite
It was discovered that LibreOffice incorrectly handled embedded scripts in
document files. If a user were tricked into opening a specially crafted
document, a remote attacker could possibly execute arbitrary code.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart LibreOffice to make all
the necessary changes.