==========================================================================
Ubuntu Security Notice USN-2331-1
September 02, 2014

libreoffice vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

LibreOffice Calc could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
– libreoffice: Office productivity suite

Details:

Rohan Durve and James Kettle discovered LibreOffice Calc sometimes allowed
for command injection when opening spreadsheets. If a user were tricked
into opening a crafted Calc spreadsheet, an attacker could exploit this to
run programs as your login.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
libreoffice-core 1:4.2.6.3-0ubuntu1

After a standard system update you need to restart LibreOffice to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2331-1
CVE-2014-3524

Package Information:
https://launchpad.net/ubuntu/+source/libreoffice/1:4.2.6.3-0ubuntu1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJUBgOhAAoJEFHb3FjMVZVzb7YP/R0w/nJ8MmghMve7HEiLDuOr
vFCE+1BMmWAm+2ERADXzQDbjRyUEIMpUX1+wryuO6ES9MfFhSNXZ736p0SsKJ2CG
/V77Vrm1aFbs0eIf3hl6jfWiV81A0D3GGXNLUHYlgdSqKh2SqMgZNnfcrbLR/T6I
x2pi0Fzunvqmxj8sv6FLXNiHGVqA9KY4MBKSn1UvLBcC1HmTzJvYj/wVIapR5cUf
mi1NiHj9/a/jIBz78aF0SdUb7t6rgxH3y3t0bQ/yFfX74JlkoZAW00OOlVXTMvsH
weO9JiGalGtn2zD+4kqRWTcj29QIJiZelIeuW5b9kaX+q2HdwTievI6z5hE+vDxv
J7+FmYRdJMc5krggCBD5VHzh+wFA3K84DBG26F03jNIRnldT3K9uSn85zfm34jRT
JTYdD9m5GuQ1DkKfDAP0M27kB0obNJbgkwrKZ5BcsTihS+Cj9Vct8qYgD7Nk9NWL
1TZejIywAj+ATCPx0lMYuwcESLeFuEvvSGdHHRI2Ar31OlBdUR5NGmir+HN0LYcB
1Qd8fqKDVhpLhZJG7pMfLjrtMykBekRwi//F/R/MmFGMAESM7aJUvcc7LwKVzidW
dW5MDmi0IbToozyvAu6lMAFQStNLsxMnTUY/rndS92K3R0xhQ7/ya5b7FRb7YvRW
En/JneyWc3ijLgEQxwos
=kzyg
—–END PGP SIGNATURE—–
—