GNU bug report logs - #30414
Libreoffice CVE-2018-6871 [remote read of any local files]

Previous Next

Package: guix;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Sat, 10 Feb 2018 18:54:01 UTC

Severity: normal

Done: Marius Bakke <mbakke <at> fastmail.com>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: bug-guix <at> gnu.org
Subject: Libreoffice CVE-2018-6871 [remote read of any local files]
Date: Sat, 10 Feb 2018 13:52:46 -0500

[Message part 1 (text/plain, inline)]

We need to fix CVE-2018-6871 in our LibreOffice package. This bug allows
remote attackers to read any file accessible from LibreOffice by
supplying a crafted file to open in LibreOffice.

Apparently the bug is fixed in LibreOffice 5.4.5 or 6.0.1.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6871
https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 7 years and 186 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #30414 Libreoffice CVE-2018-6871 [remote read of any local files]

GNU bug report logs - #30414
Libreoffice CVE-2018-6871 [remote read of any local files]