The Document Foundation has rolled out two security updates for its widely-used LibreOffice open-source office suite—versions 7.6.2 and 7.5.7. The primary focus of these updates is to address a recently identified vulnerability in the WebP codec.
These releases, which arrived earlier than initially planned, feature a fix for CVE 2023-4863. This vulnerability was a heap buffer overflow detected in the widely used libwebp library, which is essential for decoding the increasingly popular WebP graphics format.
The security concern impacts all applications utilizing the libwebp library, including major web browsers such as Mozilla Firefox, Chrome/Chromium, and Edge. Marked as critical, this flaw could potentially enable a remote attacker to execute an out-of-bounds memory write through a crafted HTML page.
Mozilla’s security team, in a recent advisory, warned
“Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.”
The latest versions of the aforementioned applications now include the patched WebP vulnerability. Furthermore, LibreOffice users can benefit from this security fix by updating their installations to either LibreOffice 7.6.2 or LibreOffice 7.5.7.
Apart from addressing this critical vulnerability, LibreOffice 7.6.2 introduces 54 fixes for bugs and regressions, as per the RC1 changelog. In comparison, LibreOffice 7.5.7 includes 14 bug fixes, according to its RC1 changelog.
It is highly advisable for all LibreOffice users to promptly update their software. Both LibreOffice 7.6.2 and LibreOffice 7.5.7 can be downloaded from the official website. The Document Foundation provides these updates as binaries packed for DEB or RPM-based distributions, as well as in a source tarball format.
This serves as a timely reminder to maintain up-to-date GNU/Linux systems to safeguard against critical vulnerabilities. These new LibreOffice updates will soon be available in your distribution’s stable repositories, emphasizing the importance of regular system updates.
Source: 9to5Linux
The Rise of AI-Enhanced Operating Systems: Linux and Beyond
In recent years, artificial intelligence (AI) has seamlessly woven itself into the fabric of technol…
Projection of Popularity and Usage of the Most Popular Operating Systems in 2025
As we look ahead to 2025, the operating systems (OS) landscape is expected to evolve further, shaped…
Who Will Succeed Tim Cook as Apple CEO?
Tim Cook has been at the helm of Apple for over 13 years, steering the company through monumental gr…