Ubuntu alert USN-8352-1 (libreoffice)
| From: | noreply+usn-bot--- via ubuntu-security-announce <ubuntu-security-announce@lists.ubuntu.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-8352-1] LibreOffice vulnerability | |
| Date: | Mon, 01 Jun 2026 18:06:38 +0000 | |
| Message-ID: | <E1wU726-0000LR-S6@lists.ubuntu.com> | |
| Cc: | noreply+usn-bot@canonical.com |
========================================================================== Ubuntu Security Notice USN-8352-1 June 01, 2026 libreoffice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 Summary: LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. Software Description: - libreoffice: Office productivity suite Details: Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched encryption salt parameters in crafted OOXML documents. An attacker could use this issue to cause LibreOffice to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libreoffice 4:26.2.3.2-0ubuntu0.26.04.1 Ubuntu 25.10 libreoffice 4:25.8.7-0ubuntu0.25.10.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8352-1 CVE-2026-4430 Package Information: https://launchpad.net/ubuntu/+source/libreoffice/4:26.2.3... https://launchpad.net/ubuntu/+source/libreoffice/4:25.8.7...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmods+kACgkQcpJm3tlz hgHVXBAAiVdjEnlgb1ODNcbhIrnJ0dWVN+WVahq5FSWkrFTph2gpuqlezhm92ZNv rWLMQrU/2DdB7I5zNGtrKQGoYySpNoeNeW5mu9NIbzX5ZgPsGp7z/hs9OTs3xeNL ybSKSEFWe69tsmXGTfvoAc1In4K2sXz62aRUjUSOv8QgKZ+5Ka4IdVQ01AHoH01+ KFHVknMCi5t3pQn/7K4ilsliA+IaIi5n1XM4DefeAp5EIUeN6E5Dp4RxzZ5FdeLN uyEY0hERKNG49a4lu2EEZFUnUQ59Ts/gAIjz9DetRqrwIxdlX5B6d5vm1PjPBSqh /PB12s0+kZh8GbhePSxmFlAuh7vKBsU6alNDEko/3K94C7Joq22MAze32Tv6X9lE tXlstugfB85Oo5y3NcLgJ+/z238CJkcmeji8PFimnSTD3wke1F4BRQs2MxawjPdj g5ZKWGsXtel5WBBNEI3Y+/fwWytDmQvuswhv9UCM31GwMUargy/5EDnq3ISnr1fs qZCHKUicqTVwNEiMDeHZPEkgmSJch1Ux+eo5QsjF5vJ3V6Qn8JcFRI+HZFmWyW4H VIcoCb1o7jbTg5yr7ftjjGAi2SIugSD5dMdYfxaTEdJFFb2R9Xl2HLWYSKYkcmJA vfawpSNU5WLKgenLW+/fk9OaIh5IL7QFefnpGRLszJx8hm9aFUI= =kp5J -----END PGP SIGNATURE-----