{"id":"ALSA-2020:4628","summary":"Low: libreoffice security, bug fix, and enhancement update","details":"LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.\n\nThe following packages have been upgraded to a later upstream version: libreoffice (6.3.6.2), libcmis (0.5.2), liborcus (0.14.1). (BZ#1796893)\n\nSecurity Fix(es):\n\n* libreoffice: 'stealth mode' remote resource restrictions bypass (CVE-2020-12802)\n\n* libreoffice: forms allowed to be submitted to any URI could result in local file overwrite (CVE-2020-12803)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-02-04T04:37:56.831128Z","published":"2020-11-03T12:21:42Z","related":["CVE-2020-12802","CVE-2020-12803"],"references":[{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-12802"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-12803"}],"affected":[{"package":{"name":"libcmis","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libcmis"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.2-1.el8"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4628.json"}},{"package":{"name":"libreoffice-sdk","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libreoffice-sdk"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:6.3.6.2-3.el8.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4628.json"}},{"package":{"name":"libreoffice-sdk-doc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libreoffice-sdk-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:6.3.6.2-3.el8.alma"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4628.json"}}],"schema_version":"1.7.3"}