Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 09 Feb 2018 23:46:25 +0000
From:      bugzilla-noreply@freebsd.org
To:        office@FreeBSD.org
Subject:   [Bug 225797] security/vuxml: Document vulnerability in LibreOffice (CVE-2018-6871 / CVE-2018-1055)
Message-ID:  <bug-225797-25061@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225797

            Bug ID: 225797
           Summary: security/vuxml: Document vulnerability in LibreOffice
                    (CVE-2018-6871 / CVE-2018-1055)
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://www.libreoffice.org/about-us/security/advisori
                    es/cve-2018-1055/
                OS: Any
            Status: New
          Keywords: patch, security
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-secteam@FreeBSD.org
          Reporter: vlad-fbsd@acheronmedia.com
                CC: office@FreeBSD.org
          Assignee: ports-secteam@FreeBSD.org
             Flags: maintainer-feedback?(ports-secteam@FreeBSD.org)

Created attachment 190471
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D190471&action=
=3Dedit
Document CVE-2018-6871

"LibreOffice Calc supports a WEBSERVICE function to obtain data by URL.
Vulnerable versions of LibreOffice allow WEBSERVICE to take a local file URL
(e.g file://) which can be used to inject local files into the spreadsheet
without warning the user. Subsequent formulas can operate on that inserted =
data
and construct a remote URL whose path leaks the local data to a remote
attacker."

"In later versions of LibreOffice without this flaw, WEBSERVICE has now been
limited to accessing http and https URLs along with bringing WEBSERVICE URLs
under LibreOffice Calc's link management infrastructure."

* CVE-2018-6871

* Summary:
  https://www.libreoffice.org/about-us/security/advisories/cve-2018-1055/

* NOTE:

  This vulnerability has been identified upstream as CVE-2018-1055,
  but NVD/Mitre are advising it's a reservation duplicate of
  CVE-2018-6871 which should be used instead.

  https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2018-6871

--=20
You are receiving this mail because:
You are on the CC list for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-225797-25061>