- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4020-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Bastien Roucariès
January 19, 2025                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libreoffice
Version        : 1:7.0.4-4+deb11u12
CVE ID         : CVE-2024-12425 CVE-2024-12426

LibreOffice, an office productivity software suite,
was affected by two vulnerabilities.

CVE-2024-12425

    Improper Limitation of a Pathname to a Restricted Directory
    ('Path Traversal') vulnerability allows Absolute Path Traversal.
    An attacker can write to arbitrary locations, albeit suffixed
    with ".ttf", by supplying a file in a format that supports
    embedded font files.

CVE-2024-12426

    Exposure of Environmental Variables and arbitrary INI file values
    to an Unauthorized Actor vulnerability.
    URLs could be constructed which expanded environmental variables
    or INI file values, so potentially sensitive information could
    be exfiltrated to a remote server on opening a document
    containing such links.
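The CVE-2024-12425 entry above describes an extracted font name from the document being used as the output path. The following is an added example, not LibreOffice's code or its fix, of how a loader can confine such names to its font cache directory; the function names, the cache directory and the sample font entries are constructed for illustration.

```python
"""Confine untrusted embedded-font names to a font cache directory.

Added example (not LibreOffice's code): a check of the kind that prevents the
absolute-path traversal described for CVE-2024-12425.  Appending ".ttf" is not
a protection on its own: "/etc/cron.d/job" + ".ttf" is still an arbitrary
location, so the name must be validated before any path is built.
"""
import os
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample: the only directory extracted fonts may be written to.
FONT_CACHE_DIR = "/tmp/example-font-cache"

# Conservative base-name character set; no separators, drive letters or NULs.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9._-]{1,128}$")


def safe_font_path(untrusted_name: str, font_dir: str = FONT_CACHE_DIR) -> Optional[str]:
    """Return the path the font may be written to, or None if the name is unsafe."""
    name = untrusted_name.strip()
    if not name or name in (".", "..") or not _SAFE_NAME.match(name):
        return None
    if not name.lower().endswith(".ttf"):
        name += ".ttf"
    base = os.path.realpath(font_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    # Belt and braces: after symlink/.. resolution the file must sit directly
    # inside the cache directory, never above or beside it.
    if os.path.dirname(candidate) != base:
        return None
    return candidate


def plan_font_extraction(entries: Dict[str, bytes],
                         font_dir: str = FONT_CACHE_DIR) -> Tuple[Dict[str, str], List[str]]:
    """Map document font names to safe output paths; collect rejected names.

    Only the planning step is shown; a real loader would write the bytes of
    each accepted entry to its returned path.
    """
    accepted: Dict[str, str] = {}
    rejected: List[str] = []
    for name in entries:
        path = safe_font_path(name, font_dir)
        if path is None:
            rejected.append(name)
        else:
            accepted[name] = path
    return accepted, rejected


# Constructed document: two benign fonts and three names shaped like the
# traversal the advisory describes (absolute path, ../ escape, Windows path).
SAMPLE_FONTS = {"Liberation": b"\x00\x01\x00\x00", "Mono.ttf": b"\x00\x01\x00\x00",
                "/etc/cron.d/job": b"", "../../escape": b"", "C:\\Windows\\x": b""}
```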

For Debian 11 bullseye, these problems have been fixed in version
1:7.0.4-4+deb11u12.

We recommend that you upgrade your libreoffice packages.

For the detailed security status of libreoffice please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libreoffice

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
