Vulnerabilities > CVE-2019-9853 - Improper Encoding or Escaping of Output vulnerability in Libreoffice
Summary
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Cross Zone Scripting An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security. In a zone-based model, pages belong to one of a set of zones corresponding to the level of privilege assigned to that page. Pages in an untrusted zone would have a lesser level of access to the system and/or be restricted in the types of executable content it was allowed to invoke. In a cross-zone scripting attack, a page that should be assigned to a less privileged zone is granted the privileges of a more trusted zone. This can be accomplished by exploiting bugs in the browser, exploiting incorrect configuration in the zone controls, through a cross-site scripting attack that causes the attackers' content to be treated as coming from a more trusted page, or by leveraging some piece of system functionality that is accessible from both the trusted and less trusted zone. This attack differs from "Restful Privilege Escalation" in that the latter correlates to the inadequate securing of RESTful access methods (such as HTTP DELETE) on the server, while cross-zone scripting attacks the concept of security zones as implemented by a browser.
- Embedding Scripts in Non-Script Elements This attack is a form of Cross-Site Scripting (XSS) where malicious scripts are embedded in elements that are not expected to host scripts such as image tags (<img>), comments in XML documents (< !-CDATA->), etc. These tags may not be subject to the same input validation, output validation, and other content filtering and checking routines, so this can create an opportunity for an attacker to tunnel through the application's elements and launch a XSS attack through other elements. As with all remote attacks, it is important to differentiate the ability to launch an attack (such as probing an internal network for unpatched servers) and the ability of the remote attacker to collect and interpret the output of said attack.
- Simple Script Injection An attacker embeds malicious scripts in content that will be served to web browsers. The goal of the attack is for the target software, the client-side browser, to execute the script with the users' privilege level. An attack of this type exploits a programs' vulnerabilities that are brought on by allowing remote hosts to execute code and scripts. Web browsers, for example, have some simple security controls in place, but if a remote attacker is allowed to execute scripts (through injecting them in to user-generated content like bulletin boards) then these controls may be bypassed. Further, these attacks are very difficult for an end user to detect.
- User-Controlled Filename An attack of this type involves an attacker inserting malicious characters (such as a XSS redirection) into a filename, directly or indirectly that is then used by the target software to generate HTML text or other potentially executable content. Many websites rely on user-generated content and dynamically build resources like files, filenames, and URL links directly from user supplied data. In this attack pattern, the attacker uploads code that can execute in the client browser and/or redirect the client browser to a site that the attacker owns. All XSS attack payload variants can be used to pass and exploit these vulnerabilities.
- Web Logs Tampering Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.
Nessus
NASL family Windows NASL id LIBREOFFICE_631_CVE_2019_9853.NASL description According to its self-reported version, the LibreOffice application running on the remote host is prior to 6.2.6. It is, therefore, affected by a flaw in how LibreOffice sanitizes user supplied input when decoding URL encoded characters in the macro location. This can result in macros within a document to be executed without the users knowledge. Note that Nessus has not tested for these issues but has instead relied only on the application last seen 2020-03-28 modified 2020-02-05 plugin id 133471 published 2020-02-05 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133471 title LibreOffice 6.2.6 / 6.3.1 Security Control Bypass (Windows) code # # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(133471); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/27"); script_cve_id("CVE-2019-9853"); script_name(english:"LibreOffice 6.2.6 / 6.3.1 Security Control Bypass (Windows)"); script_set_attribute(attribute:"synopsis", value: "An issue with how LibreOffice handles URL decoding can lead to the execution of macros that would otherwise be restricted by inbuilt access controls."); script_set_attribute(attribute:"description", value: "According to its self-reported version, the LibreOffice application running on the remote host is prior to 6.2.6. It is, therefore, affected by a flaw in how LibreOffice sanitizes user supplied input when decoding URL encoded characters in the macro location. This can result in macros within a document to be executed without the users knowledge. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number."); # https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?be7c8066"); script_set_attribute(attribute:"solution", value: "Upgrade to LibreOffice version 6.2.6, 6.3.1 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9853"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/27"); script_set_attribute(attribute:"patch_publication_date", value:"2019/07/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/05"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:libreoffice:libreoffice"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("libreoffice_installed.nasl"); script_require_keys("installed_sw/LibreOffice", "SMB/Registry/Enumerated"); exit(0); } include('vcf.inc'); get_kb_item_or_exit('SMB/Registry/Enumerated'); app_info = vcf::get_app_info(app:'LibreOffice'); constraints = [ {'min_version':'1.0', 'fixed_version':'6.2.6'}, {'min_version':'3.0', 'fixed_version':'3.1'}]; vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-3313-1.NASL description This update libreoffice and libraries fixes the following issues : LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed : CVE-2019-9853: Fixed an issue where by executing macros, the security settings could have been bypassed (bsc#1152684). Other issues addressed: Dropped disable-kde4 switch, since it is no longer known by configure Disabled gtk2 because it will be removed in future releases librelogo is now a standalone sub-package (bsc#1144522). Partial fixes for an issue where Table(s) from DOCX showed wrong position or color (bsc#1061210). cmis-client was updated to 0.5.2 : - Removed header for Uuid last seen 2020-03-31 modified 2019-12-17 plugin id 132094 published 2019-12-17 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132094 title SUSE SLED15 / SLES15 Security Update : LibreOffice (SUSE-SU-2019:3313-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2019:3313-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(132094); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30"); script_cve_id("CVE-2019-9853"); script_name(english:"SUSE SLED15 / SLES15 Security Update : LibreOffice (SUSE-SU-2019:3313-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update libreoffice and libraries fixes the following issues : LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed : CVE-2019-9853: Fixed an issue where by executing macros, the security settings could have been bypassed (bsc#1152684). Other issues addressed: Dropped disable-kde4 switch, since it is no longer known by configure Disabled gtk2 because it will be removed in future releases librelogo is now a standalone sub-package (bsc#1144522). Partial fixes for an issue where Table(s) from DOCX showed wrong position or color (bsc#1061210). cmis-client was updated to 0.5.2 : - Removed header for Uuid's sha1 header(bsc#1105173). - Fixed Google Drive login - Added support for Google Drive two-factor authentication - Fixed access to SharePoint root folder - Limited the maximal number of redirections to 20 - Switched library implementation to C++11 (the API remains C++98-compatible) - Fixed encoding of OAuth2 credentials - Dropped cppcheck run from 'make check'. A new 'make cppcheck' target was created for it - Added proper API symbol exporting - Speeded up building of tests a bit - Fixed a few issues found by coverity and cppcheck libixion was updated to 0.15.0 : - Updated for new liborcus - Switched to spdlog for compile-time debug log outputs - Fixed various issues libmwaw was updated 0.3.15 : - Fixed fuzzing issues liborcus was updated to 0.15.3 : - Fixed various xml related bugs - Improved performance - Fixed multiple parser issues - Added map and structure mode to orcus-json - Other improvements and fixes mdds was updated to 1.5.0 : - API changed to 1.5 - Moved the API incompatibility notes from README to the rst doc. - Added the overview section for flat_segment_tree. myspell-dictionaries was updated to 20191016 : - Updated Slovenian thesaurus - Updated the da_DK dictionary - Removed the abbreviations from Thai hunspell dictionary - Updated the English dictionaries - Fixed the logo management for 'ca' spdlog was updated to 0.16.3 : - Fixed sleep issue under MSVC that happens when changing the clock backwards - Ensured that macros always expand to expressions - Added global flush_on function Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1061210" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1105173" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1144522" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1152684" ); script_set_attribute( attribute:"see_also", value:"https://wiki.documentfoundation.org/ReleaseNotes/6.3" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9853/" ); # https://www.suse.com/support/update/announcement/2019/suse-su-20193313-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?50780237" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Workstation Extension 15-SP1:zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2019-3313=1 SUSE Linux Enterprise Workstation Extension 15:zypper in -t patch SUSE-SLE-Product-WE-15-2019-3313=1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-3313=1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-3313=1 SUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2019-3313=1 SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-3313=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cmis-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cmis-client-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cmis-client-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libcmis-c-0_5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libcmis-c-0_5-5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libcmis-c-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libixion-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libixion-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libixion-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libixion-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libixion-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-0_3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-0_3-3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmwaw-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liborcus-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liborcus-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liborcus-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liborcus-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-dictionaries"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-lightproof-en"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-lightproof-hu_HU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-lightproof-pt_BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:myspell-lightproof-ru_RU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-libixion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-libixion-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-liborcus"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python3-liborcus-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/27"); script_set_attribute(attribute:"patch_publication_date", value:"2019/12/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/17"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0/1", os_ver + " SP" + sp); if (os_ver == "SLED15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0/1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"libmwaw-0_3-3-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"s390x", reference:"libmwaw-0_3-3-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"cmis-client-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"cmis-client-debuginfo-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"cmis-client-debugsource-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libcmis-c-0_5-5-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libcmis-c-0_5-5-debuginfo-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libcmis-c-devel-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libixion-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libixion-debugsource-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libixion-devel-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libixion-tools-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libixion-tools-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libmwaw-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libmwaw-debugsource-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libmwaw-devel-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libmwaw-tools-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"libmwaw-tools-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"liborcus-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"liborcus-debugsource-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"liborcus-tools-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"liborcus-tools-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"python3-libixion-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"python3-libixion-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"python3-liborcus-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"python3-liborcus-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"myspell-dictionaries-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"myspell-lightproof-en-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"myspell-lightproof-hu_HU-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"myspell-lightproof-pt_BR-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"myspell-lightproof-ru_RU-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"cmis-client-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"cmis-client-debuginfo-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"cmis-client-debugsource-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libcmis-c-0_5-5-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libcmis-c-0_5-5-debuginfo-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libcmis-c-devel-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libixion-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libixion-debugsource-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libixion-devel-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libixion-tools-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libixion-tools-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-debugsource-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-devel-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-tools-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"libmwaw-tools-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"liborcus-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"liborcus-debugsource-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"liborcus-tools-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"liborcus-tools-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"python3-libixion-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"python3-libixion-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"python3-liborcus-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"python3-liborcus-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-dictionaries-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-lightproof-en-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-lightproof-hu_HU-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-lightproof-pt_BR-20191016-3.12.1")) flag++; if (rpm_check(release:"SLES15", sp:"0", reference:"myspell-lightproof-ru_RU-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"libmwaw-0_3-3-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"s390x", reference:"libmwaw-0_3-3-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"cmis-client-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"cmis-client-debuginfo-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"cmis-client-debugsource-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libcmis-c-0_5-5-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libcmis-c-0_5-5-debuginfo-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libcmis-c-devel-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libixion-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libixion-debugsource-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libixion-devel-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libixion-tools-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libixion-tools-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libmwaw-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libmwaw-debugsource-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libmwaw-devel-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libmwaw-tools-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"libmwaw-tools-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"liborcus-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"liborcus-debugsource-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"liborcus-tools-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"liborcus-tools-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"python3-libixion-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"python3-libixion-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"python3-liborcus-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"python3-liborcus-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"myspell-dictionaries-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"myspell-lightproof-en-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"myspell-lightproof-hu_HU-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"myspell-lightproof-pt_BR-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"myspell-lightproof-ru_RU-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"cmis-client-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"cmis-client-debuginfo-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"cmis-client-debugsource-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libcmis-c-0_5-5-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libcmis-c-0_5-5-debuginfo-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libcmis-c-devel-0.5.2-3.3.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libixion-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libixion-debugsource-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libixion-devel-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libixion-tools-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libixion-tools-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-debugsource-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-devel-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-tools-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"libmwaw-tools-debuginfo-0.3.15-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"liborcus-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"liborcus-debugsource-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"liborcus-tools-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"liborcus-tools-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"python3-libixion-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"python3-libixion-debuginfo-0.15.0-4.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"python3-liborcus-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"python3-liborcus-debuginfo-0.15.3-3.6.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-dictionaries-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-lightproof-en-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-lightproof-hu_HU-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-lightproof-pt_BR-20191016-3.12.1")) flag++; if (rpm_check(release:"SLED15", sp:"0", reference:"myspell-lightproof-ru_RU-20191016-3.12.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "LibreOffice"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1151.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1151 advisory. - libreoffice: LibreLogo script can be manipulated into executing arbitrary python commands (CVE-2019-9848) - libreoffice: Remote resources protection module not applied to bullet graphics (CVE-2019-9849) - libreoffice: Insufficient URL validation allowing LibreLogo script execution (CVE-2019-9850) - libreoffice: LibreLogo global-event script execution (CVE-2019-9851) - libreoffice: Insufficient URL encoding flaw in allowed script location check (CVE-2019-9852) - libreoffice: Insufficient URL decoding flaw in categorizing macro location (CVE-2019-9853) - libreoffice: Unsafe URL assembly flaw in allowed script location check (CVE-2019-9854) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-01 plugin id 135068 published 2020-04-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135068 title RHEL 7 : libreoffice (RHSA-2020:1151) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2020:1151. The text # itself is copyright (C) Red Hat, Inc. # include('compat.inc'); if (description) { script_id(135068); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/21"); script_cve_id( "CVE-2019-9848", "CVE-2019-9849", "CVE-2019-9850", "CVE-2019-9851", "CVE-2019-9852", "CVE-2019-9853", "CVE-2019-9854" ); script_bugtraq_id(109374); script_xref(name:"RHSA", value:"2020:1151"); script_name(english:"RHEL 7 : libreoffice (RHSA-2020:1151)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute(attribute:"synopsis", value: "The remote Red Hat host is missing one or more security updates."); script_set_attribute(attribute:"description", value: "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1151 advisory. - libreoffice: LibreLogo script can be manipulated into executing arbitrary python commands (CVE-2019-9848) - libreoffice: Remote resources protection module not applied to bullet graphics (CVE-2019-9849) - libreoffice: Insufficient URL validation allowing LibreLogo script execution (CVE-2019-9850) - libreoffice: LibreLogo global-event script execution (CVE-2019-9851) - libreoffice: Insufficient URL encoding flaw in allowed script location check (CVE-2019-9852) - libreoffice: Insufficient URL decoding flaw in categorizing macro location (CVE-2019-9853) - libreoffice: Unsafe URL assembly flaw in allowed script location check (CVE-2019-9854) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number."); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/20.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/200.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/94.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/94.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/22.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/838.html"); script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/284.html"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1151"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9848"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9849"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9850"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9851"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9852"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9853"); script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9854"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1601372"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1728763"); script_set_attribute(attribute:"solution", value: "Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9852"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_cwe_id(20, 22, 94, 200, 284, 838); script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/17"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/01"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7::client"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7::server"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7::workstation"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-af"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-bg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-cs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-da"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-en"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-es"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-fa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-fi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-fr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-ga"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-hr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-hu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-is"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-it"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-lb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-lt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-mn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-nl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-pt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-ro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-ru"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-sk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-sl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-sr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-sv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-vi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:autocorr-zh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-bsh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-calc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-data"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-draw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-emailmerge"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-filters"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-gdb-debug-support"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-glade"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-graphicfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-gtk2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-gtk3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-ar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-bg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-bn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-cs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-da"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-dz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-el"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-es"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-et"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-eu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-fi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-fr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-gl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-gu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-he"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-hi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-hr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-hu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-id"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-it"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-lt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-lv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-nb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-nl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-nn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-pt-BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-pt-PT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-ro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-ru"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-si"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-sk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-sl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-sv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-ta"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-zh-Hans"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-help-zh-Hant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-impress"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-af"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-as"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-bg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-bn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-br"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-cs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-cy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-da"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-dz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-el"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-en"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-es"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-et"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-eu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-fa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-fi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-fr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ga"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-gl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-gu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-he"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-hu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-id"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-it"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-kk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-kn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-lt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-lv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-mai"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-mr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-nso"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-or"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pt-BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-pt-PT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ru"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-si"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-st"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-sv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ta"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-te"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-th"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-tn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ts"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-ve"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-xh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zh-Hans"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zh-Hant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-langpack-zu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-librelogo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-math"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-nlpsolver"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-officebean"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-officebean-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-ogltrans"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-opensymbol-fonts"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-pdfimport"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-pyuno"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-rhino"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-sdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-sdk-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-ure"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-ure-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-wiki-publisher"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-writer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-x11"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreoffice-xsltfilter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreofficekit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libreofficekit-devel"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Red Hat Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include('audit.inc'); include('global_settings.inc'); include('misc_func.inc'); include('rpm.inc'); if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item('Host/RedHat/release'); if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat'); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat'); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver); if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item('Host/cpu'); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu); pkgs = [ {'reference':'autocorr-af-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-bg-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-ca-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-cs-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-da-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-de-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-en-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-es-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-fa-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-fi-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-fr-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-ga-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-hr-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-hu-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-is-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-it-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-ja-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-ko-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-lb-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-lt-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-mn-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-nl-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-pl-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-pt-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-ro-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-ru-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-sk-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-sl-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-sr-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-sv-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-tr-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-vi-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'autocorr-zh-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-base-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-bsh-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-calc-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-core-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-data-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-draw-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-emailmerge-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-filters-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-gdb-debug-support-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-glade-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-graphicfilter-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-gtk2-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-gtk3-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-ar-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-bg-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-bn-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-ca-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-cs-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-da-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-de-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-dz-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-el-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-es-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-et-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-eu-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-fi-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-fr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-gl-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-gu-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-he-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-hi-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-hr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-hu-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-id-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-it-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-ja-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-ko-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-lt-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-lv-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-nb-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-nl-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-nn-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-pl-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-pt-BR-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-pt-PT-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-ro-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-ru-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-si-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-sk-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-sl-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-sv-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-ta-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-tr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-uk-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-zh-Hans-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-help-zh-Hant-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-impress-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-af-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ar-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-as-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-bg-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-bn-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-br-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ca-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-cs-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-cy-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-da-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-de-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-dz-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-el-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-en-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-es-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-et-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-eu-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-fa-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-fi-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-fr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ga-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-gl-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-gu-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-he-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-hi-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-hr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-hu-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-id-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-it-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ja-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-kk-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-kn-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ko-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-lt-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-lv-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-mai-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ml-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-mr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-nb-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-nl-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-nn-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-nr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-nso-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-or-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-pa-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-pl-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-pt-BR-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-pt-PT-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ro-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ru-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-si-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-sk-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-sl-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-sr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ss-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-st-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-sv-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ta-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-te-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-th-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-tn-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-tr-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ts-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-uk-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-ve-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-xh-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-zh-Hans-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-zh-Hant-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-langpack-zu-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-librelogo-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-math-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-nlpsolver-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-officebean-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-officebean-common-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-ogltrans-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-opensymbol-fonts-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-pdfimport-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-postgresql-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-pyuno-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-rhino-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-sdk-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-sdk-doc-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-ure-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-ure-common-5.3.6.1-24.el7', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-wiki-publisher-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-writer-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-x11-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreoffice-xsltfilter-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreofficekit-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'}, {'reference':'libreofficekit-devel-5.3.6.1-24.el7', 'cpu':'x86_64', 'release':'7', 'epoch':'1'} ]; flag = 0; foreach package_array ( pkgs ) { reference = NULL; release = NULL; sp = NULL; cpu = NULL; el_string = NULL; rpm_spec_vers_cmp = NULL; epoch = NULL; if (!empty_or_null(package_array['reference'])) reference = package_array['reference']; if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release']; if (!empty_or_null(package_array['sp'])) sp = package_array['sp']; if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu']; if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string']; if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp']; if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch']; if (reference && release) { if (rpm_spec_vers_cmp) { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++; } else { if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++; } } } if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'autocorr-af / autocorr-bg / autocorr-ca / etc'); }
NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-2709.NASL description This update libreoffice and libraries fixes the following issues : LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed : - CVE-2019-9853: Fixed an issue where by executing macros, the security settings could have been bypassed (bsc#1152684). Other issues addressed : - Dropped disable-kde4 switch, since it is no longer known by configure - Disabled gtk2 because it will be removed in future releases - librelogo is now a standalone sub-package (bsc#1144522). - Partial fixes for an issue where Table(s) from DOCX showed wrong position or color (bsc#1061210). cmis-client was updated to 0.5.2 : - Removed header for Uuid last seen 2020-03-31 modified 2019-12-31 plugin id 132515 published 2019-12-31 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132515 title openSUSE Security Update : LibreOffice (openSUSE-2019-2709) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-2709. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(132515); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30"); script_cve_id("CVE-2019-9853"); script_name(english:"openSUSE Security Update : LibreOffice (openSUSE-2019-2709)"); script_summary(english:"Check for the openSUSE-2019-2709 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update libreoffice and libraries fixes the following issues : LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed : - CVE-2019-9853: Fixed an issue where by executing macros, the security settings could have been bypassed (bsc#1152684). Other issues addressed : - Dropped disable-kde4 switch, since it is no longer known by configure - Disabled gtk2 because it will be removed in future releases - librelogo is now a standalone sub-package (bsc#1144522). - Partial fixes for an issue where Table(s) from DOCX showed wrong position or color (bsc#1061210). cmis-client was updated to 0.5.2 : - Removed header for Uuid's sha1 header(bsc#1105173). - Fixed Google Drive login - Added support for Google Drive two-factor authentication - Fixed access to SharePoint root folder - Limited the maximal number of redirections to 20 - Switched library implementation to C++11 (the API remains C++98-compatible) - Fixed encoding of OAuth2 credentials - Dropped cppcheck run from 'make check'. A new 'make cppcheck' target was created for it - Added proper API symbol exporting - Speeded up building of tests a bit - Fixed a few issues found by coverity and cppcheck libixion was updated to 0.15.0 : - Updated for new liborcus - Switched to spdlog for compile-time debug log outputs - Fixed various issues libmwaw was updated 0.3.15 : - Fixed fuzzing issues liborcus was updated to 0.15.3 : - Fixed various xml related bugs - Improved performance - Fixed multiple parser issues - Added map and structure mode to orcus-json - Other improvements and fixes mdds was updated to 1.5.0 : - API changed to 1.5 - Moved the API incompatibility notes from README to the rst doc. - Added the overview section for flat_segment_tree. myspell-dictionaries was updated to 20191016 : - Updated Slovenian thesaurus - Updated the da_DK dictionary - Removed the abbreviations from Thai hunspell dictionary - Updated the English dictionaries - Fixed the logo management for 'ca' spdlog was updated to 0.16.3 : - Fixed sleep issue under MSVC that happens when changing the clock backwards - Ensured that macros always expand to expressions - Added global flush_on function This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1061210" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1105173" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1144522" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1152684" ); script_set_attribute( attribute:"see_also", value:"https://wiki.documentfoundation.org/ReleaseNotes/6.3" ); script_set_attribute( attribute:"solution", value:"Update the affected LibreOffice packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cmis-client"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cmis-client-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:cmis-client-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcmis-0_5-5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcmis-0_5-5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcmis-c-0_5-5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcmis-c-0_5-5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcmis-c-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcmis-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libixion-0_15-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libixion-0_15-0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libixion-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libixion-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libixion-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libixion-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libixion-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmwaw-0_3-3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmwaw-0_3-3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmwaw-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmwaw-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmwaw-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmwaw-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmwaw-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:liborcus-0_15-0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:liborcus-0_15-0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:liborcus-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:liborcus-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:liborcus-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:liborcus-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:liborcus-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-firebird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-firebird-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-base-drivers-postgresql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-branding-upstream"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-calc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-calc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-calc-extensions"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-draw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-draw-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-filters-optional"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-gdb-pretty-printers"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-glade"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-gnome"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-gnome-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-gtk3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-gtk3-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-icon-themes"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-impress"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-impress-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-af"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-am"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-as"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ast"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-be"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-bg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-bn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-bn_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-bo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-br"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-brx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-bs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ca_valencia"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-cs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-cy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-da"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-dgo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-dsb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-dz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-el"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-en"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-en_GB"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-en_ZA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-eo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-es"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-et"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-eu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-fa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-fi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-fr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-fy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ga"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-gl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-gu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-gug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-he"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-hi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-hr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-hsb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-hu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-id"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-is"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-it"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ja"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ka"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-kab"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-kk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-km"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-kmr_Latn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-kn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-kok"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ks"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-lb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-lo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-lt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-lv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-mai"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-mk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-mn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-mni"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-mr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-my"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-nb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ne"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-nl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-nn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-nr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-nso"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-oc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-om"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-or"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-pa"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-pl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-pt_BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-pt_PT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ru"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-rw"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sa_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sat"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-si"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sid"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sq"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ss"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-st"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-sw_TZ"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-szl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ta"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-te"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-tg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-th"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-tn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ts"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-tt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-uk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-uz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-ve"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-vec"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-vi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-xh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-zh_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-zh_TW"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-l10n-zu"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-librelogo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-mailmerge"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-math"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-math-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-officebean"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-officebean-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-pyuno"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-pyuno-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-qt5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-qt5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-sdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-sdk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-writer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-writer-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreoffice-writer-extensions"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreofficekit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libreofficekit-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mdds-1_5-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-af_NA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-af_ZA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-an"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-an_ES"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_AE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_BH"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_DZ"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_EG"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_IQ"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_JO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_KW"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_LB"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_LY"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_MA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_OM"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_QA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_SA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_SD"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_SY"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_TN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ar_YE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-be_BY"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-bg_BG"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-bn_BD"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-bn_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-bo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-bo_CN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-bo_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-br_FR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-bs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-bs_BA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ca"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ca_AD"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ca_ES"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ca_ES_valencia"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ca_FR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ca_IT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-cs_CZ"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-da_DK"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-de"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-de_AT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-de_CH"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-de_DE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-dictionaries"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-el_GR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_AU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_BS"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_BZ"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_CA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_GB"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_GH"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_IE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_JM"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_MW"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_NA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_NZ"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_PH"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_TT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_US"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_ZA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-en_ZW"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_AR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_BO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_CL"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_CO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_CR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_CU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_DO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_EC"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_ES"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_GT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_HN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_MX"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_NI"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_PA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_PE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_PR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_PY"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_SV"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_UY"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-es_VE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-et_EE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-fr_BE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-fr_CA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-fr_CH"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-fr_FR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-fr_LU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-fr_MC"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-gd_GB"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-gl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-gl_ES"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-gu_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-gug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-gug_PY"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-he_IL"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-hi_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-hr_HR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-hu_HU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-id"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-id_ID"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-is"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-is_IS"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-it_IT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-kmr_Latn"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-kmr_Latn_SY"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-kmr_Latn_TR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-lightproof-en"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-lightproof-hu_HU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-lightproof-pt_BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-lightproof-ru_RU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-lo_LA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-lt_LT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-lv_LV"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-nb_NO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ne_NP"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-nl_BE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-nl_NL"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-nn_NO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-no"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-oc_FR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-pl_PL"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-pt_AO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-pt_BR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-pt_PT"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ro"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ro_RO"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-ru_RU"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-si_LK"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sk_SK"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sl_SI"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sq_AL"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sr_CS"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sr_Latn_CS"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sr_Latn_RS"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sr_RS"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sv_FI"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sv_SE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-sw_TZ"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-te"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-te_IN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-th_TH"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-tr"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-tr_TR"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-uk_UA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-vi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-vi_VN"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:myspell-zu_ZA"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-libixion"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-libixion-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-liborcus"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-liborcus-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:spdlog-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/27"); script_set_attribute(attribute:"patch_publication_date", value:"2019/12/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/31"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-branding-upstream-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-gdb-pretty-printers-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-glade-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-icon-themes-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-af-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-am-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ar-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-as-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ast-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-be-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-bg-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-bn-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-bn_IN-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-bo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-br-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-brx-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-bs-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ca-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ca_valencia-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-cs-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-cy-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-da-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-de-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-dgo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-dsb-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-dz-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-el-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-en-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-en_GB-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-en_ZA-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-eo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-es-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-et-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-eu-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-fa-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-fi-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-fr-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-fy-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ga-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-gd-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-gl-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-gu-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-gug-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-he-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-hi-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-hr-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-hsb-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-hu-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-id-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-is-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-it-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ja-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ka-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-kab-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-kk-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-km-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-kmr_Latn-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-kn-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ko-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-kok-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ks-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-lb-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-lo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-lt-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-lv-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-mai-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-mk-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ml-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-mn-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-mni-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-mr-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-my-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-nb-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ne-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-nl-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-nn-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-nr-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-nso-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-oc-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-om-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-or-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-pa-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-pl-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-pt_BR-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-pt_PT-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ro-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ru-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-rw-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sa_IN-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sat-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sd-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-si-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sid-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sk-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sl-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sq-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sr-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ss-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-st-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sv-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-sw_TZ-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-szl-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ta-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-te-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-tg-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-th-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-tn-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-tr-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ts-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-tt-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ug-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-uk-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-uz-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-ve-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-vec-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-vi-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-xh-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-zh_CN-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-zh_TW-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"libreoffice-l10n-zu-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"mdds-1_5-devel-1.5.0-lp151.2.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-af_NA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-af_ZA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-an-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-an_ES-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_AE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_BH-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_DZ-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_EG-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_IQ-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_JO-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_KW-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_LB-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_LY-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_MA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_OM-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_QA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_SA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_SD-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_SY-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_TN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ar_YE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-be_BY-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-bg_BG-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-bn_BD-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-bn_IN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-bo-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-bo_CN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-bo_IN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-br_FR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-bs-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-bs_BA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ca-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ca_AD-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ca_ES-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ca_ES_valencia-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ca_FR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ca_IT-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-cs_CZ-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-da_DK-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-de-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-de_AT-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-de_CH-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-de_DE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-dictionaries-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-el_GR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_AU-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_BS-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_BZ-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_CA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_GB-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_GH-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_IE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_IN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_JM-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_MW-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_NA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_NZ-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_PH-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_TT-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_US-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_ZA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-en_ZW-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_AR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_BO-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_CL-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_CO-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_CR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_CU-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_DO-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_EC-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_ES-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_GT-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_HN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_MX-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_NI-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_PA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_PE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_PR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_PY-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_SV-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_UY-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-es_VE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-et_EE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-fr_BE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-fr_CA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-fr_CH-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-fr_FR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-fr_LU-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-fr_MC-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-gd_GB-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-gl-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-gl_ES-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-gu_IN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-gug-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-gug_PY-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-he_IL-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-hi_IN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-hr_HR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-hu_HU-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-id-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-id_ID-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-is-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-is_IS-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-it_IT-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-kmr_Latn-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-kmr_Latn_SY-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-kmr_Latn_TR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-lightproof-en-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-lightproof-hu_HU-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-lightproof-pt_BR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-lightproof-ru_RU-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-lo_LA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-lt_LT-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-lv_LV-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-nb_NO-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ne_NP-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-nl_BE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-nl_NL-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-nn_NO-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-no-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-oc_FR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-pl_PL-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-pt_AO-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-pt_BR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-pt_PT-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ro-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ro_RO-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-ru_RU-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-si_LK-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sk_SK-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sl_SI-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sq_AL-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sr-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sr_CS-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sr_Latn_CS-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sr_Latn_RS-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sr_RS-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sv_FI-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sv_SE-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-sw_TZ-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-te-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-te_IN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-th_TH-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-tr-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-tr_TR-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-uk_UA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-vi-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-vi_VN-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"myspell-zu_ZA-20191016-lp151.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"cmis-client-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"cmis-client-debuginfo-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"cmis-client-debugsource-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libcmis-0_5-5-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libcmis-0_5-5-debuginfo-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libcmis-c-0_5-5-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libcmis-c-0_5-5-debuginfo-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libcmis-c-devel-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libcmis-devel-0.5.2-lp151.3.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libixion-0_15-0-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libixion-0_15-0-debuginfo-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libixion-debuginfo-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libixion-debugsource-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libixion-devel-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libixion-tools-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libixion-tools-debuginfo-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libmwaw-0_3-3-0.3.15-lp151.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libmwaw-0_3-3-debuginfo-0.3.15-lp151.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libmwaw-debuginfo-0.3.15-lp151.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libmwaw-debugsource-0.3.15-lp151.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libmwaw-devel-0.3.15-lp151.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libmwaw-tools-0.3.15-lp151.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libmwaw-tools-debuginfo-0.3.15-lp151.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"liborcus-0_15-0-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"liborcus-0_15-0-debuginfo-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"liborcus-debuginfo-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"liborcus-debugsource-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"liborcus-devel-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"liborcus-tools-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"liborcus-tools-debuginfo-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-base-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-base-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-base-drivers-firebird-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-base-drivers-firebird-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-base-drivers-postgresql-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-base-drivers-postgresql-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-calc-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-calc-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-calc-extensions-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-debugsource-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-draw-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-draw-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-filters-optional-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-gnome-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-gnome-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-gtk3-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-gtk3-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-impress-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-impress-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-librelogo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-mailmerge-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-math-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-math-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-officebean-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-officebean-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-pyuno-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-pyuno-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-qt5-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-qt5-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-sdk-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-sdk-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-writer-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-writer-debuginfo-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreoffice-writer-extensions-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreofficekit-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"libreofficekit-devel-6.3.3.2-lp151.3.9.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"python3-libixion-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"python3-libixion-debuginfo-0.15.0-lp151.4.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"python3-liborcus-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"python3-liborcus-debuginfo-0.15.3-lp151.3.6.1") ) flag++; if ( rpm_check(release:"SUSE15.1", cpu:"x86_64", reference:"spdlog-devel-0.16.3-lp151.3.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "cmis-client / cmis-client-debuginfo / cmis-client-debugsource / etc"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0372-1.NASL description This update libreoffice and libraries fixes the following issues : LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed : CVE-2019-9853: Fixed an issue where by executing macros, the security settings could have been bypassed (bsc#1152684). Other issues addressed : Dropped disable-kde4 switch, since it is no longer known by configure Disabled gtk2 because it will be removed in future releases librelogo is now a standalone sub-package (bsc#1144522). Partial fixes for an issue where Table(s) from DOCX showed wrong position or color (bsc#1061210). cmis-client was updated to 0.5.2 : - Removed header for Uuid last seen 2020-03-31 modified 2020-02-10 plugin id 133601 published 2020-02-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133601 title SUSE SLES12 Security Update : LibreOffice (SUSE-SU-2020:0372-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2020:0372-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(133601); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30"); script_cve_id("CVE-2019-9853"); script_name(english:"SUSE SLES12 Security Update : LibreOffice (SUSE-SU-2020:0372-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update libreoffice and libraries fixes the following issues : LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed : CVE-2019-9853: Fixed an issue where by executing macros, the security settings could have been bypassed (bsc#1152684). Other issues addressed : Dropped disable-kde4 switch, since it is no longer known by configure Disabled gtk2 because it will be removed in future releases librelogo is now a standalone sub-package (bsc#1144522). Partial fixes for an issue where Table(s) from DOCX showed wrong position or color (bsc#1061210). cmis-client was updated to 0.5.2 : - Removed header for Uuid's sha1 header(bsc#1105173). - Fixed Google Drive login - Added support for Google Drive two-factor authentication - Fixed access to SharePoint root folder - Limited the maximal number of redirections to 20 - Switched library implementation to C++11 (the API remains C++98-compatible) - Fixed encoding of OAuth2 credentials - Dropped cppcheck run from 'make check'. A new 'make cppcheck' target was created for it - Added proper API symbol exporting - Speeded up building of tests a bit - Fixed a few issues found by coverity and cppcheck libixion was updated to 0.15.0 : - Updated for new liborcus - Switched to spdlog for compile-time debug log outputs - Fixed various issues libmwaw was updated 0.3.15 : - Fixed fuzzing issues liborcus was updated to 0.15.3 : - Fixed various xml related bugs - Improved performance - Fixed multiple parser issues - Added map and structure mode to orcus-json - Other improvements and fixes mdds was updated to 1.5.0 : - API changed to 1.5 - Moved the API incompatibility notes from README to the rst doc. - Added the overview section for flat_segment_tree. myspell-dictionaries was updated to 20191016 : - Updated Slovenian thesaurus - Updated the da_DK dictionary - Removed the abbreviations from Thai hunspell dictionary - Updated the English dictionaries - Fixed the logo management for 'ca' spdlog was updated to 0.16.3 : - Fixed sleep issue under MSVC that happens when changing the clock backwards - Ensured that macros always expand to expressions - Added global flush_on function bluez changes : - lib: Changed bluetooth.h to compile in strict C gperf was updated to 3.1 : - The generated C code is now in ANSI-C by default. - Added option --constants-prefix. - Added declaration %define constants-prefix. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1061210" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1105173" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1144522" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1152684" ); script_set_attribute( attribute:"see_also", value:"https://wiki.documentfoundation.org/ReleaseNotes/6.3" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9853/" ); # https://www.suse.com/support/update/announcement/2020/suse-su-20200372-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?e97979cd" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Workstation Extension 12-SP5 : zypper in -t patch SUSE-SLE-WE-12-SP5-2020-372=1 SUSE Linux Enterprise Workstation Extension 12-SP4 : zypper in -t patch SUSE-SLE-WE-12-SP4-2020-372=1 SUSE Linux Enterprise Software Development Kit 12-SP5 : zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-372=1 SUSE Linux Enterprise Software Development Kit 12-SP4 : zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-372=1 SUSE Linux Enterprise Server 12-SP5 : zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-372=1 SUSE Linux Enterprise Server 12-SP4 : zypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-372=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bluez"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bluez-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bluez-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libbluetooth3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libbluetooth3-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/27"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(4|5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4/5", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"4", reference:"bluez-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"bluez-debuginfo-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"bluez-debugsource-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"libbluetooth3-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"libbluetooth3-debuginfo-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"bluez-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"bluez-debuginfo-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"bluez-debugsource-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"libbluetooth3-5.13-5.20.6")) flag++; if (rpm_check(release:"SLES12", sp:"5", reference:"libbluetooth3-debuginfo-5.13-5.20.6")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "LibreOffice"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0121-1.NASL description This update libreoffice to version 6.3.3 fixes the following issues : LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed : CVE-2019-9853: Fixed an issue where by executing macros, the security settings could have been bypassed (bsc#1152684). Other issues addressed : Dropped disable-kde4 switch, since it is no longer known by configure Disabled gtk2 because it will be removed in future releases librelogo is now a standalone sub-package (bsc#1144522). Partial fixes for an issue where Table(s) from DOCX showed wrong position or color (bsc#1061210). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-31 modified 2020-01-21 plugin id 133134 published 2020-01-21 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133134 title SUSE SLED15 / SLES15 Security Update : LibreOffice (SUSE-SU-2020:0121-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2020:0121-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(133134); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30"); script_cve_id("CVE-2019-9853"); script_name(english:"SUSE SLED15 / SLES15 Security Update : LibreOffice (SUSE-SU-2020:0121-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update libreoffice to version 6.3.3 fixes the following issues : LibreOffice was updated to 6.3.3 (jsc#SLE-8705), bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed : CVE-2019-9853: Fixed an issue where by executing macros, the security settings could have been bypassed (bsc#1152684). Other issues addressed : Dropped disable-kde4 switch, since it is no longer known by configure Disabled gtk2 because it will be removed in future releases librelogo is now a standalone sub-package (bsc#1144522). Partial fixes for an issue where Table(s) from DOCX showed wrong position or color (bsc#1061210). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1061210" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1144522" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1152684" ); script_set_attribute( attribute:"see_also", value:"https://wiki.documentfoundation.org/ReleaseNotes/6.3" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9853/" ); # https://www.suse.com/support/update/announcement/2020/suse-su-20200121-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?90747a6c" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Workstation Extension 15-SP1 : zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2020-121=1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 : zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-121=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libreoffice-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libreoffice-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libreoffice-sdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libreoffice-sdk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libreoffice-sdk-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libreofficekit-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/27"); script_set_attribute(attribute:"patch_publication_date", value:"2020/01/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/21"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP1", os_ver + " SP" + sp); if (os_ver == "SLED15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libreoffice-debuginfo-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libreoffice-debugsource-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libreoffice-sdk-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libreoffice-sdk-debuginfo-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libreoffice-sdk-doc-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libreofficekit-devel-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libreoffice-debuginfo-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libreoffice-debugsource-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libreoffice-sdk-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libreoffice-sdk-debuginfo-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libreoffice-sdk-doc-6.3.3.2-8.13.1")) flag++; if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libreofficekit-devel-6.3.3.2-8.13.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "LibreOffice"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2019-4B0CC75996.NASL description - CVE-2019-9853 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-30 modified 2019-10-09 plugin id 129736 published 2019-10-09 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129736 title Fedora 29 : 1:libreoffice (2019-4b0cc75996) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2019-4b0cc75996. # include("compat.inc"); if (description) { script_id(129736); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/30"); script_cve_id("CVE-2019-9853"); script_xref(name:"FEDORA", value:"2019-4b0cc75996"); script_name(english:"Fedora 29 : 1:libreoffice (2019-4b0cc75996)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - CVE-2019-9853 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-4b0cc75996" ); script_set_attribute( attribute:"solution", value:"Update the affected 1:libreoffice package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:1:libreoffice"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/27"); script_set_attribute(attribute:"patch_publication_date", value:"2019/10/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/09"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC29", reference:"libreoffice-6.1.6.3-5.fc29", epoch:"1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "1:libreoffice"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1947.NASL description Several vulnerabilities were discovered in LibreOffice, the office productivity suite. CVE-2019-9848 Nils Emmerich discovered that malicious documents could execute arbitrary Python code via LibreLogo. CVE-2019-9849 Matei Badanoiu discovered that the stealth mode did not apply to bullet graphics. CVE-2019-9850 It was discovered that the protections implemented in CVE-2019-9848 could be bypassed because of insufficient URL validation. CVE-2019-9851 Gabriel Masei discovered that malicious documents could execute arbitrary pre-installed scripts. CVE-2019-9852 Nils Emmerich discovered that the protection implemented to address CVE-2018-16858 could be bypassed by a URL encoding attack. CVE-2019-9853 Nils Emmerich discovered that malicious documents could bypass document security settings to execute macros contained within the document. CVE-2019-9854 It was discovered that the protection implemented to address CVE-2019-9852 could be bypassed because of insufficient input sanitization. For Debian 8 last seen 2020-06-01 modified 2020-06-02 plugin id 129595 published 2019-10-07 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129595 title Debian DLA-1947-1 : libreoffice security update NASL family Scientific Linux Local Security Checks NASL id SL_20200407_LIBREOFFICE_ON_SL7_X.NASL description * libreoffice: LibreLogo script can be manipulated into executing arbitrary python commands * libreoffice: Insufficient URL validation allowing LibreLogo script execution * libreoffice: LibreLogo global-event script execution * libreoffice: Insufficient URL encoding flaw in allowed script location check * libreoffice: Insufficient URL decoding flaw in categorizing macro location * libreoffice: Unsafe URL assembly flaw in allowed script location check * libreoffice: Remote resources protection module not applied to bullet graphics last seen 2020-04-30 modified 2020-04-21 plugin id 135817 published 2020-04-21 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135817 title Scientific Linux Security Update : libreoffice on SL7.x x86_64 (20200407) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2020-1151.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1151 advisory. - libreoffice: LibreLogo script can be manipulated into executing arbitrary python commands (CVE-2019-9848) - libreoffice: Remote resources protection module not applied to bullet graphics (CVE-2019-9849) - libreoffice: Insufficient URL validation allowing LibreLogo script execution (CVE-2019-9850) - libreoffice: LibreLogo global-event script execution (CVE-2019-9851) - libreoffice: Insufficient URL encoding flaw in allowed script location check (CVE-2019-9852) - libreoffice: Insufficient URL decoding flaw in categorizing macro location (CVE-2019-9853) - libreoffice: Unsafe URL assembly flaw in allowed script location check (CVE-2019-9854) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-06 modified 2020-04-10 plugin id 135347 published 2020-04-10 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135347 title CentOS 7 : libreoffice (CESA-2020:1151)
Packetstorm
data source | https://packetstormsecurity.com/files/download/156474/oxappsuite-ssrf.txt |
id | PACKETSTORM:156474 |
last seen | 2020-02-23 |
published | 2020-02-21 |
reporter | Martin Heiland |
source | https://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html |
title | Open-Xchange App Suite / Documents Server-Side Request Forgery |
Redhat
rpms |
|
References
- http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html
- http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html
- http://seclists.org/fulldisclosure/2020/Feb/23
- https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/
- https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/
- http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html
- https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/
- https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html
- https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E
- https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E
- http://seclists.org/fulldisclosure/2020/Feb/23
- http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html