[ja-discuss] Re: [tdf-discuss] security related information, CVE-2017-3157

Takeshi Abe <tabe -AT- fixedpoint.jp>
Thu, 23 Feb 2017 09:40:26 +0900 (JST)

皆様

CVE-2017-3157として報告されているCalcとWriterでの脆弱性が
LibreOffice 5.1.6/5.2.2/5.3.0
で修正されているという案内がありました。
上記より以前のバージョンを利用されている場合にはアップグレードすることを
お奨めします。

-- Takeshi Abe

On Wed, 22 Feb 2017 14:26:21 +0000, Caolán McNamara <caolanm@redhat.com> wrote:

Fixed in LibreOffice 5.1.6/5.2.2/5.3.0

---
CVE-2017-3157 Arbitrary file disclosure in Calc and Writer
http://www.libreoffice.org/about-us/security/advisories/CVE-2017-3157

Embedded Objects in writer and calc can contain previews of their
content. A document can be crafted which contains an embedded object
that is a link to an existing file on the targets system. On load the
preview of the embedded object will be updated to reflect the content
of the file on the target system. In the case of LibreOffice used as an
online service that preview of data on the target system could be used
to expose details of the environment LibreOffice is running in. In the
case of LibreOffice as a standard desktop application, the preview
could be concealed in hidden sections and retrieved by the attacker if
the document is saved and returned to sender.

In later version of LibreOffice without this flaw the LinkUpdateMode
feature has been expanded to additionally control the update of
previews of embedded objects as well as its prior function to control
the update of embedded object contents.
---

This is somewhat similar to
https://www.libreoffice.org/about-us/security/advisories/CVE-2015-4551
but instead of the *content* of an embedded link to a file getting
updated this is limited to the *preview* of the file getting updated.

-- 
To unsubscribe e-mail to: discuss+unsubscribe@documentfoundation.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.documentfoundation.org/www/discuss/
All messages sent to this list will be publicly archived and cannot be deleted


-- 
Unsubscribe instructions: E-mail to discuss+unsubscribe@ja.libreoffice.org
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/ja/discuss/
All messages sent to this list will be publicly archived and cannot be deleted

Context

[ja-discuss] Re: [tdf-discuss] security related information, CVE-2017-3157 · Takeshi Abe

Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.