
LibreOffice 7.6.2 and 7.5.7 Updates Released to Tackle Critical WebP Vulnerability

The Document Foundation has rolled out two security updates for its widely used LibreOffice open-source office suite: versions 7.6.2 and 7.5.7. The primary focus of these updates is to address a recently identified vulnerability in the WebP codec.

These releases, which arrived earlier than initially planned, feature a fix for CVE-2023-4863. This vulnerability is a heap buffer overflow in the widely used libwebp library, which decodes the increasingly popular WebP graphics format.

The security concern impacts all applications utilizing the libwebp library, including major web browsers such as Mozilla Firefox, Chrome/Chromium, and Edge. Marked as critical, this flaw could potentially enable a remote attacker to perform an out-of-bounds memory write through a crafted HTML page.

Mozilla’s security team, in a recent advisory, warned:

“Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.”

The latest versions of the aforementioned applications now include the fix for the WebP vulnerability. LibreOffice users can get this security fix by updating their installations to either LibreOffice 7.6.2 or LibreOffice 7.5.7.

Apart from addressing this critical vulnerability, LibreOffice 7.6.2 introduces 54 fixes for bugs and regressions, as per the RC1 changelog. In comparison, LibreOffice 7.5.7 includes 14 bug fixes, according to its RC1 changelog.

It is highly advisable for all LibreOffice users to promptly update their software. Both LibreOffice 7.6.2 and LibreOffice 7.5.7 can be downloaded from the official website. The Document Foundation provides these updates as binaries packaged for DEB- or RPM-based distributions, as well as in a source tarball format.

This serves as a timely reminder to keep GNU/Linux systems up to date to safeguard against critical vulnerabilities. The new LibreOffice updates will soon be available in your distribution’s stable repositories, which underscores the importance of regular system updates.

Source: 9to5Linux
