Security update for libreoffice

Announcement ID:	SUSE-SU-2020:2283-1
Rating:	moderate
References:	bsc#1062631 bsc#1146025 bsc#1157627 bsc#1165849 bsc#1172053 bsc#1172189 bsc#1172795 bsc#1172796
Cross-References:	CVE-2020-12802 CVE-2020-12803
CVSS scores:	CVE-2020-12802 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N CVE-2020-12802 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2020-12803 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H CVE-2020-12803 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that solves two vulnerabilities and has six security fixes can now be installed.

Description:

This update for libreoffice fixes the following issues:

• Update to 6.4.5.2:
• Various fixes all around
• Remove mime-info and application-registry dirs bsc#1062631
• Fix bsc#1172053 - LO-L3: Image disappears during roundtrip 365->Impress->365
• bsc1172053.diff
• Fix bsc#1172189 - LO-L3: Impress crashes midway opening a PPTX document
• bsc1172189.diff
• Fix bsc#1157627 - LO-L3: Some XML-created shapes simply lost upon PPTX import (= earth loses countries)
• bsc1157627.diff
• Fix bsc#1146025 - LO-L3: Colored textboxes in PPTX look very odd (SmartArt)
• Fix bsc#1165849 - LO-L3: Shadow size for rectangle is only a fraction of Office 365
• bsc1165849-1.diff
• bsc1165849-2.diff
• bsc1165849-3.diff

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2283=1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5
  zypper in -t patch SUSE-SLE-WE-12-SP5-2020-2283=1

Package List:

• SUSE Linux Enterprise Software Development Kit 12 SP5 (x86_64)
  • libreoffice-debugsource-6.4.5.2-43.68.1
  • libreoffice-sdk-debuginfo-6.4.5.2-43.68.1
  • libreoffice-sdk-6.4.5.2-43.68.1
  • libreoffice-debuginfo-6.4.5.2-43.68.1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64)
  • libreoffice-draw-6.4.5.2-43.68.1
  • libreoffice-pyuno-6.4.5.2-43.68.1
  • libreoffice-debuginfo-6.4.5.2-43.68.1
  • libreoffice-impress-debuginfo-6.4.5.2-43.68.1
  • libreoffice-writer-debuginfo-6.4.5.2-43.68.1
  • libreoffice-gnome-6.4.5.2-43.68.1
  • libreoffice-impress-6.4.5.2-43.68.1
  • libreoffice-officebean-6.4.5.2-43.68.1
  • libreoffice-officebean-debuginfo-6.4.5.2-43.68.1
  • libreoffice-debugsource-6.4.5.2-43.68.1
  • libreoffice-calc-6.4.5.2-43.68.1
  • libreoffice-pyuno-debuginfo-6.4.5.2-43.68.1
  • libreoffice-calc-extensions-6.4.5.2-43.68.1
  • libreoffice-filters-optional-6.4.5.2-43.68.1
  • libreoffice-calc-debuginfo-6.4.5.2-43.68.1
  • libreoffice-librelogo-6.4.5.2-43.68.1
  • libreoffice-draw-debuginfo-6.4.5.2-43.68.1
  • libreoffice-base-6.4.5.2-43.68.1
  • libreoffice-writer-extensions-6.4.5.2-43.68.1
  • libreoffice-base-drivers-postgresql-6.4.5.2-43.68.1
  • libreoffice-6.4.5.2-43.68.1
  • libreoffice-gnome-debuginfo-6.4.5.2-43.68.1
  • libreoffice-mailmerge-6.4.5.2-43.68.1
  • libreoffice-base-debuginfo-6.4.5.2-43.68.1
  • libreoffice-math-6.4.5.2-43.68.1
  • libreoffice-writer-6.4.5.2-43.68.1
  • libreoffice-base-drivers-postgresql-debuginfo-6.4.5.2-43.68.1
  • libreoffice-math-debuginfo-6.4.5.2-43.68.1
• SUSE Linux Enterprise Workstation Extension 12 12-SP5 (noarch)
  • libreoffice-l10n-hu-6.4.5.2-43.68.1
  • libreoffice-l10n-xh-6.4.5.2-43.68.1
  • libreoffice-l10n-pt_BR-6.4.5.2-43.68.1
  • libreoffice-l10n-zh_CN-6.4.5.2-43.68.1
  • libreoffice-l10n-cs-6.4.5.2-43.68.1
  • libreoffice-l10n-ro-6.4.5.2-43.68.1
  • libreoffice-l10n-sv-6.4.5.2-43.68.1
  • libreoffice-l10n-af-6.4.5.2-43.68.1
  • libreoffice-l10n-ja-6.4.5.2-43.68.1
  • libreoffice-l10n-gu-6.4.5.2-43.68.1
  • libreoffice-l10n-de-6.4.5.2-43.68.1
  • libreoffice-l10n-bg-6.4.5.2-43.68.1
  • libreoffice-l10n-zu-6.4.5.2-43.68.1
  • libreoffice-l10n-zh_TW-6.4.5.2-43.68.1
  • libreoffice-l10n-sk-6.4.5.2-43.68.1
  • libreoffice-l10n-pl-6.4.5.2-43.68.1
  • libreoffice-l10n-lt-6.4.5.2-43.68.1
  • libreoffice-l10n-uk-6.4.5.2-43.68.1
  • libreoffice-l10n-hr-6.4.5.2-43.68.1
  • libreoffice-l10n-hi-6.4.5.2-43.68.1
  • libreoffice-l10n-ru-6.4.5.2-43.68.1
  • libreoffice-l10n-es-6.4.5.2-43.68.1
  • libreoffice-l10n-it-6.4.5.2-43.68.1
  • libreoffice-l10n-nb-6.4.5.2-43.68.1
  • libreoffice-l10n-pt_PT-6.4.5.2-43.68.1
  • libreoffice-icon-themes-6.4.5.2-43.68.1
  • libreoffice-l10n-nn-6.4.5.2-43.68.1
  • libreoffice-branding-upstream-6.4.5.2-43.68.1
  • libreoffice-l10n-ar-6.4.5.2-43.68.1
  • libreoffice-l10n-ca-6.4.5.2-43.68.1
  • libreoffice-l10n-ko-6.4.5.2-43.68.1
  • libreoffice-l10n-fi-6.4.5.2-43.68.1
  • libreoffice-l10n-da-6.4.5.2-43.68.1
  • libreoffice-l10n-en-6.4.5.2-43.68.1
  • libreoffice-l10n-fr-6.4.5.2-43.68.1
  • libreoffice-l10n-nl-6.4.5.2-43.68.1

References:

• https://www.suse.com/security/cve/CVE-2020-12802.html
• https://www.suse.com/security/cve/CVE-2020-12803.html
• https://bugzilla.suse.com/show_bug.cgi?id=1062631
• https://bugzilla.suse.com/show_bug.cgi?id=1146025
• https://bugzilla.suse.com/show_bug.cgi?id=1157627
• https://bugzilla.suse.com/show_bug.cgi?id=1165849
• https://bugzilla.suse.com/show_bug.cgi?id=1172053
• https://bugzilla.suse.com/show_bug.cgi?id=1172189
• https://bugzilla.suse.com/show_bug.cgi?id=1172795
• https://bugzilla.suse.com/show_bug.cgi?id=1172796