The Document Foundation has rolled out two security updates for its widely-used LibreOffice open-source office suite—versions 7.6.2 and 7.5.7. The primary focus of these updates is to address a recently identified vulnerability in the WebP codec.
These releases, which arrived earlier than initially planned, feature a fix for CVE-2023-4863. This vulnerability is a heap buffer overflow in the widely used libwebp library, which is essential for decoding the increasingly popular WebP graphics format.
The security concern impacts all applications utilizing the libwebp library, including major web browsers such as Mozilla Firefox, Chrome/Chromium, and Edge. Marked as critical, this flaw could potentially enable a remote attacker to perform an out-of-bounds memory write through a crafted HTML page.
Mozilla’s security team, in a recent advisory, warned:
“Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.”
The latest versions of the aforementioned applications now include the patch for the WebP vulnerability. LibreOffice users get the same fix by updating their installations to either LibreOffice 7.6.2 or LibreOffice 7.5.7.
Apart from addressing this critical vulnerability, LibreOffice 7.6.2 introduces 54 fixes for bugs and regressions, as per the RC1 changelog. In comparison, LibreOffice 7.5.7 includes 14 bug fixes, according to its RC1 changelog.
It is highly advisable for all LibreOffice users to promptly update their software. Both LibreOffice 7.6.2 and LibreOffice 7.5.7 can be downloaded from the official website. The Document Foundation provides these updates as binaries packed for DEB or RPM-based distributions, as well as in a source tarball format.
This serves as a timely reminder to maintain up-to-date GNU/Linux systems to safeguard against critical vulnerabilities. These new LibreOffice updates will soon be available in your distribution’s stable repositories, emphasizing the importance of regular system updates.
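An added example, not code from The Document Foundation or the article: a shell check that compares a LibreOffice version with the two fixed releases named above, 7.6.2 and 7.5.7. It assumes `soffice --version` prints a line beginning `LibreOffice <version>`; the function names are hypothetical, and a distribution package that links the system libwebp would also need that library updated.

```shell
#!/bin/sh
# Added example (not from the article): compare a LibreOffice version with
# the fixed releases the article names, 7.6.2 and 7.5.7.

# Print the dotted version from one line of `soffice --version` output.
# Assumption: the line has the form "LibreOffice <version> <build id>".
extract_lo_version() {
    printf '%s\n' "$1" | sed -n 's/^LibreOffice \([0-9][0-9.]*\).*/\1/p'
}

# Print "patched", "needs-update", "unlisted" (a branch the article does
# not cover) or "invalid" for a dotted version such as 7.6.2.1.
classify_lo_version() {
    case $1 in
        ''|*[!0-9.]*) echo invalid; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # safe to split: only digits and dots remain
    IFS=$old_ifs
    if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ]; then
        echo invalid; return 0
    fi
    case "$1.$2" in
        7.6) fixed_micro=2 ;;   # fix shipped in 7.6.2
        7.5) fixed_micro=7 ;;   # fix shipped in 7.5.7
        *)   echo unlisted; return 0 ;;
    esac
    if [ "$3" -ge "$fixed_micro" ]; then echo patched; else echo needs-update; fi
}

# Constructed sample line; the build id is a placeholder, not a real one.
sample='LibreOffice 7.6.1.2 0000000000000000000000000000000000000000'
v=$(extract_lo_version "$sample")
echo "sample $v: $(classify_lo_version "$v")"

# Check the local install when soffice is on PATH.
if command -v soffice >/dev/null 2>&1; then
    v=$(extract_lo_version "$(soffice --version 2>/dev/null | head -n 1)")
    echo "installed ${v:-unknown}: $(classify_lo_version "$v")"
fi
```

A result of `unlisted` means the article names no fixed release for that branch, so the check makes no claim about it.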
Source: 9to5Linux