| Description |
This update addresses the following issues:
* LibreOffice has a feature where documents can specify that pre-installed
macros can be executed on various script events such as mouse-over,
document-open etc. Access is intended to be restricted to scripts under the
share/Scripts/python/, user/Scripts/python/ sub-directories of the
LibreOffice install. Protection was added, to address CVE-2019-9852, to
avoid a directory traversal attack where scripts in arbitrary locations on
the file system could be executed by employing a URL encoding attack to
defeat the path verification step. However this protection could be
bypassed by taking advantage of a flaw in how LibreOffice assembled the
final script URL location directly from components of the passed in path as
opposed to solely from the sanitized output of the path verification step.
(CVE-2019-9854) |
