皆様 以下のようにTDFから脆弱性の修正についてのお知らせがありました。 LibreOffice 5をご利用の方は5.4.6、LibreOffice 6をお使いの場合は6.0.2に 更新することをお奨めします。 -- Takeshi Abe On Wed, 18 Apr 2018 16:01:30 +0100, Caolán McNamara <caolanm@redhat.com> wrote:
TL;DR; Upgrade to >= 5.4.6 or >= 6.0.2 https://www.libreoffice.org/about-us/security/advisories/CVE-2018-10119 CVE-2018-10119 Use After Free in Structured Storage parser Fixed in LibreOffice 5.4.5/6.0.1 LibreOffice before 5.4.5 and 6.x before 6.0.1 have a flaw in an edge case in processing the structured storage ole2 wrapper file format. A short datatype is used which can overflow resulting in a write to recently freed data https://www.libreoffice.org/about-us/security/advisories/CVE-2018-10120 CVE-2018-10120 Heap Buffer Overflow in MSWord Customizations parsing Fixed in: LibreOffice 5.4.6/6.0.2 LibreOffice before 5.4.6 and 6.x before 6.0.2 have a flaw in an edge case in processing a specific uncommon Microsoft Word record. An index into a dynamically allocated buffer is used without bounds checking. -- To unsubscribe e-mail to: discuss+unsubscribe@documentfoundation.org Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.documentfoundation.org/www/discuss/ All messages sent to this list will be publicly archived and cannot be deleted
-- Unsubscribe instructions: E-mail to discuss+unsubscribe@ja.libreoffice.org Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/ja/discuss/ All messages sent to this list will be publicly archived and cannot be deleted