We need to fix CVE-2018-6871 in our LibreOffice package. This bug allows remote attackers to read any file accessible from LibreOffice by supplying a crafted file to open in LibreOffice.
Apparently the bug is fixed in LibreOffice 5.4.5 or 6.0.1. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6871 https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure
signature.asc
Description: PGP signature
