Re: [tdf-discuss] security related information, CVE-2019-9850, CVE-2019-9851, CVE-2019-9852

2019-08-15 Thread Steve Edmonds
Had me confused.


https://www.libreoffice.org/about-us/security/advisories/


Addressed in LibreOffice 6.2.6/6.3.0


CVE-2019-9850

Insufficient url validation allowing LibreLogo script execution

CVE-2019-9851

LibreLogo global-event script execution

CVE-2019-9852

Insufficient URL encoding flaw in allowed script location check



On 15/08/2019 22:52, Caolán McNamara wrote:
> tl;dr; Upgrade to >= 6.2.6 or >= 6.0.0.
>
> There is a cluster of issues here.
>
> 
>
> CVE-2019-9850 Insufficient url validation allowing LibreLogo script
> execution
>
> There was a way to encode the script url that could bypass the fix of
> CVE-2019-9848
> https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850
>
> 
>
> CVE-2019-9851 LibreLogo global-event script execution
>
> The fix of CVE-2019-9848 blocked execution of LibreLogo from document
> script events, e.g. mouse-over, but there is another separate feature
> of global script events, e.g. document-open which are also affected
> https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851
>
> 
>
> CVE-2019-9852 Insufficient URL encoding flaw in allowed script location
> check
>
> There was a way to encode the script url to bypass the fix of
> CVE-2018-16858 to again allow scripts in arbitrary locations on the file
> system to be executed
>
> https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852
>
>


-- 
To unsubscribe e-mail to: discuss+unsubscr...@documentfoundation.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.documentfoundation.org/www/discuss/
Privacy Policy: https://www.documentfoundation.org/privacy


[tdf-discuss] security related information, CVE-2019-9850, CVE-2019-9851, CVE-2019-9852

2019-08-15 Thread Caolán McNamara
tl;dr; Upgrade to >= 6.2.6 or >= 6.0.0.

There is a cluster of issues here.



CVE-2019-9850 Insufficient url validation allowing LibreLogo script
execution

There was a way to encode the script url that could bypass the fix of
CVE-2019-9848
https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9850



CVE-2019-9851 LibreLogo global-event script execution

The fix of CVE-2019-9848 blocked execution of LibreLogo from document
script events, e.g. mouse-over, but there is another separate feature
of global script events, e.g. document-open which are also affected
https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9851



CVE-2019-9852 Insufficient URL encoding flaw in allowed script location
check

There was a way to encode the script url to bypass the fix of
CVE-2018-16858 to again allow scripts in arbitrary locations on the file
system to be executed

https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9852


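
Added example (not part of the thread and not LibreOffice's code): a simplified model of the class of flaw named in CVE-2019-9850 and CVE-2019-9852, where an allowed-location check inspects the script reference before it is fully decoded. ALLOWED_ROOT, the function names and the sample references are assumptions constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

# Hypothetical directory that scripts are allowed to load from.
ALLOWED_ROOT = "/opt/office/share/Scripts/python"


def naive_is_allowed(script_ref: str) -> bool:
    """Flawed check: looks at the still-encoded string, which a later
    stage will percent-decode before opening the file."""
    return ".." not in script_ref and not script_ref.startswith("/")


def fully_decode(value: str, max_rounds: int = 5) -> str:
    """Percent-decode until the value stops changing, so nested
    encodings cannot hide path components from the check."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    raise ValueError("too many encoding layers")


def resolve_script(script_ref: str) -> str:
    """Return the canonical path under ALLOWED_ROOT, or raise ValueError.
    The check runs on the decoded, normalised form that will be opened."""
    decoded = fully_decode(script_ref)
    if "\x00" in decoded or "\\" in decoded:
        raise ValueError("illegal character in script reference")
    # Lexical normalisation only; on a real file system also resolve
    # symlinks (os.path.realpath) before comparing.
    candidate = posixpath.normpath(posixpath.join(ALLOWED_ROOT, decoded))
    if posixpath.commonpath([ALLOWED_ROOT, candidate]) != ALLOWED_ROOT:
        raise ValueError("script outside allowed location")
    return candidate


def is_allowed(script_ref: str) -> bool:
    try:
        resolve_script(script_ref)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample references, not taken from any advisory.
    for ref in ["Capitalise.py", "sub/../Capitalise.py",
                "%2e%2e/%2e%2e/other/tool.py", "%252e%252e/x.py"]:
        print(f"{ref!r}: naive={naive_is_allowed(ref)} strict={is_allowed(ref)}")
```

The point for reviewers is ordering: validate the exact value that will be used, after every decoding step, rather than an earlier representation of it.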