Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-25633 (GCVE-0-2021-25633)
Vulnerability from cvelistv5 – Published: 2021-10-11 16:43 – Updated: 2024-09-16 18:28
VLAI?
EPSS
Title
Content Manipulation with Double Certificate Attack
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
Severity ?
No CVSS data available.
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Document Foundation | LibreOffice |
Affected:
7-0 , < 7.0.6
(custom)
Affected: 7-1 , < 7.1.2 (custom) |
Credits
NDS of Ruhr University Bochum
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:27.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"name": "DSA-4988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LibreOffice",
"vendor": "The Document Foundation",
"versions": [
{
"lessThan": "7.0.6",
"status": "affected",
"version": "7-0",
"versionType": "custom"
},
{
"lessThan": "7.1.2",
"status": "affected",
"version": "7-1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "NDS of Ruhr University Bochum"
}
],
"datePublic": "2021-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-17T10:06:21.000Z",
"orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
"shortName": "Document Fdn."
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"name": "DSA-4988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to 7.0.6 or 7.1.2 or 7.2.0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Content Manipulation with Double Certificate Attack",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@documentfoundation.org",
"DATE_PUBLIC": "2021-10-11T00:00:00.000Z",
"ID": "CVE-2021-25633",
"STATE": "PUBLIC",
"TITLE": "Content Manipulation with Double Certificate Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LibreOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7-0",
"version_value": "7.0.6"
},
{
"version_affected": "\u003c",
"version_name": "7-1",
"version_value": "7.1.2"
}
]
}
}
]
},
"vendor_name": "The Document Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "NDS of Ruhr University Bochum"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633",
"refsource": "MISC",
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"name": "DSA-4988",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4988"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to 7.0.6 or 7.1.2 or 7.2.0"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
"assignerShortName": "Document Fdn.",
"cveId": "CVE-2021-25633",
"datePublished": "2021-10-11T16:43:34.400Z",
"dateReserved": "2021-01-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:28:34.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25633
Vulnerability from fstec - Published: 11.10.2021
VLAI Severity ?
Title
Уязвимость пакета офисных программ LibreOffice, связанная с ошибками при формировании документов documentsignatures.xml, macrosignatures.xml, позволяющая нарушителю манипулировать подписанными документами
Description
Уязвимость пакета офисных программ LibreOffice связана с ошибками при формировании документов documentsignatures.xml, macrosignatures.xml. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, манипулировать подписанными документами
Severity ?
Vendor
Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», Red Hat Inc., The Document Foundation, ООО «Ред Софт», АО "НППКТ"
Software Name
Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, LibreOffice, РЕД ОС (запись в едином реестре российских программ №3751), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913)
Software Version
9 (Debian GNU/Linux), 1.6 «Смоленск» (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 10 (Debian GNU/Linux), 11 (Debian GNU/Linux), от 7.0.0 до 7.0.6 (LibreOffice), от 7.1.0 до 7.1.2 (LibreOffice), 7.3 (РЕД ОС), 4.7 (Astra Linux Special Edition), до 2.7 (ОСОН ОСнова Оnyx)
Possible Mitigations
Использование рекомендаций:
Для Debian/GNU Linux:
https://security-tracker.debian.org/tracker/CVE-2021-25633
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/cve-2021-25633
Для LibreOffice:
https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633
Для РедОС:
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Для ОС Astra Linux:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
Для Astra Linux Special Edition 4.7 (для архитектуры ARM):
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47
Для ОСОН ОСнова Оnyx (версия 2.7):
Обновление программного обеспечения libreoffice до версии 4:7.4.5+repack-1~bpo11+1osnova1
Reference
https://access.redhat.com/security/cve/cve-2021-25633
https://redos.red-soft.ru/support/secure/
https://security-tracker.debian.org/tracker/CVE-2021-25633
https://www.cybersecurity-help.cz/vdb/SB2021101902
https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25633/
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.7/
CWE
CWE-295
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., The Document Foundation, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\"",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 8 (Red Hat Enterprise Linux), 10 (Debian GNU/Linux), 11 (Debian GNU/Linux), \u043e\u0442 7.0.0 \u0434\u043e 7.0.6 (LibreOffice), \u043e\u0442 7.1.0 \u0434\u043e 7.1.2 (LibreOffice), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 4.7 (Astra Linux Special Edition), \u0434\u043e 2.7 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Debian/GNU Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2021-25633\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2021-25633\n\n\u0414\u043b\u044f LibreOffice:\nhttps://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421:\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 (\u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM):\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0432\u0435\u0440\u0441\u0438\u044f 2.7):\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libreoffice \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4:7.4.5+repack-1~bpo11+1osnova1",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.10.2021",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "15.02.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "10.11.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-05337",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-25633",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, LibreOffice, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 \u043e\u0444\u0438\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c LibreOffice, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 documentsignatures.xml, macrosignatures.xml, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 (CWE-295)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 \u043e\u0444\u0438\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c LibreOffice \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043f\u0440\u0438 \u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 documentsignatures.xml, macrosignatures.xml. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u043c\u0438 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u041f\u043e\u0434\u043c\u0435\u043d\u0430 \u043f\u0440\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2021-25633\nhttps://redos.red-soft.ru/support/secure/\nhttps://security-tracker.debian.org/tracker/CVE-2021-25633\nhttps://www.cybersecurity-help.cz/vdb/SB2021101902\nhttps://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633\nhttps://www.libreoffice.org/about-us/security/advisories/cve-2021-25633/\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0926SE47\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.7/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-295",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
GHSA-FX8R-3HMX-C78J
Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17
VLAI?
Details
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
{
"affected": [],
"aliases": [
"CVE-2021-25633"
],
"database_specific": {
"cwe_ids": [
"CWE-295"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-10-11T17:15:00Z",
"severity": "HIGH"
},
"details": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.",
"id": "GHSA-fx8r-3hmx-c78j",
"modified": "2022-05-24T19:17:09Z",
"published": "2022-05-24T19:17:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25633"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4988"
},
{
"type": "WEB",
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2021-25633
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-25633",
"description": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.",
"id": "GSD-2021-25633",
"references": [
"https://www.suse.com/security/cve/CVE-2021-25633.html",
"https://www.debian.org/security/2021/dsa-4988",
"https://ubuntu.com/security/CVE-2021-25633",
"https://advisories.mageia.org/CVE-2021-25633.html",
"https://linux.oracle.com/cve/CVE-2021-25633.html",
"https://access.redhat.com/errata/RHSA-2022:1766"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-25633"
],
"details": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.",
"id": "GSD-2021-25633",
"modified": "2023-12-13T01:23:21.757760Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@documentfoundation.org",
"DATE_PUBLIC": "2021-10-11T00:00:00.000Z",
"ID": "CVE-2021-25633",
"STATE": "PUBLIC",
"TITLE": "Content Manipulation with Double Certificate Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LibreOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7-0",
"version_value": "7.0.6"
},
{
"version_affected": "\u003c",
"version_name": "7-1",
"version_value": "7.1.2"
}
]
}
}
]
},
"vendor_name": "The Document Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "NDS of Ruhr University Bochum"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633",
"refsource": "MISC",
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"name": "DSA-4988",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4988"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to 7.0.6 or 7.1.2 or 7.2.0"
}
],
"source": {
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.1.2",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@documentfoundation.org",
"ID": "CVE-2021-25633"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"name": "DSA-4988",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2021-10-18T18:13Z",
"publishedDate": "2021-10-11T17:15Z"
}
}
}
CNVD-2022-55627
Vulnerability from cnvd - Published: 2022-08-03
VLAI Severity ?
Title
LibreOffice信任管理问题漏洞(CNVD-2022-55627)
Description
LibreOffice是一套可与其他主要办公室软体相容的套件,可在各种平台上执行。
LibreOffice存在信任管理问题漏洞。攻击者可利用该漏洞通过操纵文档中的documentsignatures.xml或macrosignatures.xml流来组合多个证书数据,从而创建数字签名的ODF文档,打开时,会导致LibreOffice显示一个有效签名的指示器,但其内容与显示的签名无关。
Severity
中
Patch Name
LibreOffice信任管理问题漏洞(CNVD-2022-55627)的补丁
Patch Description
LibreOffice是一套可与其他主要办公室软体相容的套件,可在各种平台上执行。
LibreOffice存在信任管理问题漏洞。攻击者可利用该漏洞通过操纵文档中的documentsignatures.xml或macrosignatures.xml流来组合多个证书数据,从而创建数字签名的ODF文档,打开时,会导致LibreOffice显示一个有效签名的指示器,但其内容与显示的签名无关。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633
Reference
https://www.debian.org/security/2021/dsa-4988
Impacted products
| Name | ['LibreOffice LibreOffice <7.0.6', 'LibreOffice LibreOffice <7.1.2'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2021-25633",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-25633"
}
},
"description": "LibreOffice\u662f\u4e00\u5957\u53ef\u4e0e\u5176\u4ed6\u4e3b\u8981\u529e\u516c\u5ba4\u8f6f\u4f53\u76f8\u5bb9\u7684\u5957\u4ef6\uff0c\u53ef\u5728\u5404\u79cd\u5e73\u53f0\u4e0a\u6267\u884c\u3002\n\nLibreOffice\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u64cd\u7eb5\u6587\u6863\u4e2d\u7684documentsignatures.xml\u6216macrosignatures.xml\u6d41\u6765\u7ec4\u5408\u591a\u4e2a\u8bc1\u4e66\u6570\u636e\uff0c\u4ece\u800c\u521b\u5efa\u6570\u5b57\u7b7e\u540d\u7684ODF\u6587\u6863\uff0c\u6253\u5f00\u65f6\uff0c\u4f1a\u5bfc\u81f4LibreOffice\u663e\u793a\u4e00\u4e2a\u6709\u6548\u7b7e\u540d\u7684\u6307\u793a\u5668\uff0c\u4f46\u5176\u5185\u5bb9\u4e0e\u663e\u793a\u7684\u7b7e\u540d\u65e0\u5173\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2022-55627",
"openTime": "2022-08-03",
"patchDescription": "LibreOffice\u662f\u4e00\u5957\u53ef\u4e0e\u5176\u4ed6\u4e3b\u8981\u529e\u516c\u5ba4\u8f6f\u4f53\u76f8\u5bb9\u7684\u5957\u4ef6\uff0c\u53ef\u5728\u5404\u79cd\u5e73\u53f0\u4e0a\u6267\u884c\u3002\r\n\r\nLibreOffice\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u64cd\u7eb5\u6587\u6863\u4e2d\u7684documentsignatures.xml\u6216macrosignatures.xml\u6d41\u6765\u7ec4\u5408\u591a\u4e2a\u8bc1\u4e66\u6570\u636e\uff0c\u4ece\u800c\u521b\u5efa\u6570\u5b57\u7b7e\u540d\u7684ODF\u6587\u6863\uff0c\u6253\u5f00\u65f6\uff0c\u4f1a\u5bfc\u81f4LibreOffice\u663e\u793a\u4e00\u4e2a\u6709\u6548\u7b7e\u540d\u7684\u6307\u793a\u5668\uff0c\u4f46\u5176\u5185\u5bb9\u4e0e\u663e\u793a\u7684\u7b7e\u540d\u65e0\u5173\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "LibreOffice\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2022-55627\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"LibreOffice LibreOffice \u003c7.0.6",
"LibreOffice LibreOffice \u003c7.1.2"
]
},
"referenceLink": "https://www.debian.org/security/2021/dsa-4988",
"serverity": "\u4e2d",
"submitTime": "2021-10-18",
"title": "LibreOffice\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e\uff08CNVD-2022-55627\uff09"
}
FKIE_CVE-2021-25633
Vulnerability from fkie_nvd - Published: 2021-10-11 17:15 - Updated: 2024-11-21 05:55
Severity ?
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libreoffice | libreoffice | * | |
| libreoffice | libreoffice | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7CF22E51-8E68-4B58-8AB3-D326C1097E3E",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA884385-2527-4F68-9FD5-67ECD9A89F42",
"versionEndExcluding": "7.1.2",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
},
{
"lang": "es",
"value": "LibreOffice soporta firmas digitales de documentos ODF y macros dentro de documentos, presentando ayudas visuales de que no se ha producido ninguna alteraci\u00f3n del documento desde la \u00faltima firma y que la firma es v\u00e1lida. Una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Certificados en LibreOffice permit\u00eda a un atacante crear un documento ODF firmado digitalmente, al manipular el flujo documentsignatures.xml o macrosignatures.xml dentro del documento para combinar m\u00faltiples datos de certificados, que cuando se abr\u00eda causaba que LibreOffice mostrara un indicador firmado v\u00e1lidamente pero cuyo contenido no estaba relacionado con la firma mostrada. Este problema afecta a: versiones de LibreOffice 7-0 de The Document Foundation anteriores a la 7.0.6; versiones 7-1 anteriores a 7.1.2"
}
],
"id": "CVE-2021-25633",
"lastModified": "2024-11-21T05:55:11.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-11T17:15:07.590",
"references": [
{
"source": "security@documentfoundation.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
},
{
"source": "security@documentfoundation.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
}
],
"sourceIdentifier": "security@documentfoundation.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "security@documentfoundation.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-25633
Vulnerability from osv_almalinux
Published
2022-05-10 08:00
Modified
2022-05-10 08:00
Summary
Moderate: libreoffice security, bug fix, and enhancement update
Details
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.
Security Fix(es):
-
libreoffice: Content Manipulation with Double Certificate Attack (CVE-2021-25633)
-
libreoffice: Timestamp Manipulation with Signature Wrapping (CVE-2021-25634)
-
libreoffice: Content Manipulation with Certificate Validation Attack (CVE-2021-25635)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-af"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-bg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-ca"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-cs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-da"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-de"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-en"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-es"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-fa"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-fi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-fr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-ga"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-hr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-hu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-is"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-it"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-ja"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-ko"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-lb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-lt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-mn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-nl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-pl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-pt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-ro"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-ru"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-sk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-sl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-sr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-sv"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-tr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-vi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "autocorr-zh"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-base"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-calc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-data"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-draw"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-emailmerge"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-filters"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-gdb-debug-support"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-graphicfilter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-gtk3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-ar"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-bg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-bn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-ca"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-cs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-da"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-de"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-dz"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-el"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-en"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-es"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-et"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-eu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-fi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-fr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-gl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-gu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-he"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-hi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-hr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-hu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-id"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-it"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-ja"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-ko"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-lt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-lv"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-nb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-nl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-nn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-pl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-pt-BR"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-pt-PT"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-ro"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-ru"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-si"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-sk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-sl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-sv"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-ta"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-tr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-uk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-zh-Hans"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-help-zh-Hant"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-impress"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-af"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ar"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-as"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-bg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-bn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-br"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ca"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-cs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-cy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-da"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-de"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-dz"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-el"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-en"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-es"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-et"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-eu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-fa"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-fi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-fr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ga"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-gl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-gu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-he"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-hi"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-hr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-hu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-id"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-it"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ja"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-kk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-kn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ko"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-lt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-lv"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-mai"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ml"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-mr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-nb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-nl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-nn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-nr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-nso"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-or"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-pa"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-pl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-pt-BR"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-pt-PT"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ro"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ru"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-si"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-sk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-sl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-sr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ss"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-st"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-sv"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ta"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-te"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-th"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-tn"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-tr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-uk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-ve"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-xh"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-zh-Hans"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-zh-Hant"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-langpack-zu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-math"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-ogltrans"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-opensymbol-fonts"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-pdfimport"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-pyuno"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-sdk"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-sdk-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-ure"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-ure-common"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-wiki-publisher"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-writer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-x11"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreoffice-xsltfilter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libreofficekit"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:6.4.7.2-10.el8.alma"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.\n\nSecurity Fix(es):\n\n* libreoffice: Content Manipulation with Double Certificate Attack (CVE-2021-25633)\n\n* libreoffice: Timestamp Manipulation with Signature Wrapping (CVE-2021-25634)\n\n* libreoffice: Content Manipulation with Certificate Validation Attack (CVE-2021-25635)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2022:1766",
"modified": "2022-05-10T08:00:05Z",
"published": "2022-05-10T08:00:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2022-1766.html"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2021-25633"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2021-25634"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2021-25635"
}
],
"related": [
"CVE-2021-25633",
"CVE-2021-25634",
"CVE-2021-25635"
],
"summary": "Moderate: libreoffice security, bug fix, and enhancement update"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…