皆様 以下のようにTDFから脆弱性の修正についてのお知らせがありました。 LibreOffice 5をご利用の方は5.4.6、LibreOffice 6をお使いの場合は6.0.2に 更新することをお奨めします。
-- Takeshi Abe On Wed, 18 Apr 2018 16:01:30 +0100, Caolán McNamara <caol...@redhat.com> wrote: > TL;DR; Upgrade to >= 5.4.6 or >= 6.0.2 > > https://www.libreoffice.org/about-us/security/advisories/CVE-2018-10119 > > CVE-2018-10119 Use After Free in Structured Storage parser > Fixed in LibreOffice 5.4.5/6.0.1 > > LibreOffice before 5.4.5 and 6.x before 6.0.1 have a flaw in an edge > case in processing the structured storage ole2 wrapper file format. A > short datatype is used which can overflow resulting in a write to > recently freed data > > https://www.libreoffice.org/about-us/security/advisories/CVE-2018-10120 > > CVE-2018-10120 Heap Buffer Overflow in MSWord Customizations parsing > Fixed in: LibreOffice 5.4.6/6.0.2 > > LibreOffice before 5.4.6 and 6.x before 6.0.2 have a flaw in an edge > case in processing a specific uncommon Microsoft Word record. An index > into a dynamically allocated buffer is used without bounds checking. > > -- > To unsubscribe e-mail to: discuss+unsubscr...@documentfoundation.org > Problems? > https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ > Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette > List archive: https://listarchives.documentfoundation.org/www/discuss/ > All messages sent to this list will be publicly archived and cannot be deleted -- Unsubscribe instructions: E-mail to discuss+unsubscr...@ja.libreoffice.org Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/ja/discuss/ All messages sent to this list will be publicly archived and cannot be deleted