[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index] [SECURITY] [DSA 6251-1] libreoffice security update To: debian-security-announce@lists.debian.org Subject: [SECURITY] [DSA 6251-1] libreoffice security update From: Moritz Muehlenhoff <jmm@debian.org> Date: Thu, 7 May 2026 18:56:43 +0000 Message-id: <[🔎] afzgazHLfaFZu5kE@seger.debian.org> Reply-to: debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6251-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 07, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libreoffice CVE ID : CVE-2026-4430 Dun Anh Nguyen discovered a buffer overflow in LibreOffice, which could result in an out-of-bounds write if OOXML documents with malformed encryption parameters are opened. For the oldstable distribution (bookworm), this problem has been fixed in version 4:7.4.7-1+deb12u11. For the stable distribution (trixie), this problem has been fixed in version 4:25.2.3-2+deb13u4. We recommend that you upgrade your libreoffice packages. For the detailed security status of libreoffice please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libreoffice Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmn8258ACgkQEMKTtsN8 Tjacew//aGMDdsyxfGU5izQr8zPm9Bb2emFolfymkAhOrMoa/+apY6jOPmuUtp5B Ly51+ak9EAzY7ueP7tj2Sr5/4EDyismXWNM4LMLI0211zsoN8LynLV8BZlrZZF6g 5Gh7bcHdY3FrBbNwCjXOKzW30oC9WNoAStaHU8lZQHyOETO7k2729X1f1Dy+CLsC c8sXlkXqPyVycYy0HK/n0qShC8cs/k0BG+e+tYciMbgoPy0YE+apqbM38bdrGGnJ OyNiMdleOCkSNRn/7CM6G9wK7mHsEWI2wP/LqbV1C6nZi01hWvRLDKQni3U5cErl p0ED90PcdW2zp9hqvLgoXEj9UQ8+I07QyUmxI7WlBbaMcl8NQvqEjw/CYBtNNMAe e1b43uSp3WcoKb5yNLAYK8+XiYBY7UQK6U7LUyEIwlylbvdB3rK/iQNNy3WBQsMV K+twcLO8z55pNsciL8Ev/Ig0wKIUkvpt1gO2bNhjp9Xq3FsiYS7Cq4JZCQ3vtUng fG2AAr/oLnOJTvoqwA0InbOpX8KjdhOAHJC78qDL/QCY1syjnh2dKVE0oVfr00Ks Wx+fVe0px4RvwuXhMOPc+PScZj0s4xPnRV94VwP2eOZu+TJZ1hNYBECCQqgbWP6i cQj/uN4ZZlnRTt8wF2ExwrGxmQbiNtWa109ihr4Q95dMIoYKkTk= =YZex -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Moritz Muehlenhoff (on-list) Moritz Muehlenhoff (off-list) Prev by Date: [SECURITY] [DSA 6250-1] chromium security update Next by Date: [SECURITY] [DSA 6252-1] prosody security update Previous by thread: [SECURITY] [DSA 6250-1] chromium security update Next by thread: [SECURITY] [DSA 6252-1] prosody security update Index(es): Date Thread