========================================================================== Ubuntu Security Notice USN-3579-1 February 21, 2018 libreoffice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: LibreOffice would allow unintended access to files over the network. Software Description: - libreoffice: Office productivity suite Details: It was discovered that =WEBSERVICE calls in a document could be used to read arbitrary files. If a user were tricked in to opening a specially crafted document, a remote attacker could exploit this to obtain sensitive information. (CVE-2018-6871) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.10: libreoffice-core 1:5.4.5-0ubuntu0.17.10.1 Ubuntu 16.04 LTS: libreoffice-core 1:5.1.6~rc2-0ubuntu1~xenial3 Ubuntu 14.04 LTS: libreoffice-core 1:4.2.8-0ubuntu5.3 After a standard system update you need to restart LibreOffice to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3579-1 CVE-2018-6871 Package Information: https://launchpad.net/ubuntu/+source/libreoffice/1:5.4.5-0ubuntu0.17.10.1 https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial3 https://launchpad.net/ubuntu/+source/libreoffice/1:4.2.8-0ubuntu5.3