The Internet, October 4, 2011 – The Document Foundation (TDF) publishes some details of the security fixes included with the recently released LibreOffice 3.4.3, and included in the older 3.3.4 version. Following industry best practice, details of security fixes are withheld until users have been given time to migrate to the new version.
RedHat security researcher Huzaifa Sidhpurwala identified a memory corruption vulnerability in the code responsible for loading Microsoft Word documents in LibreOffice. This flaw could have been used for nefarious purposes, such as installing viruses, through a specially-crafted file. The corresponding vulnerability description is CVE-2011-2713,”Out-of-bounds property read in binary .doc filter”.
LibreOffice 3.4.3 also includes various improvements to the loading of Windows Metafile (.wmf) and Windows Enhanced Metafile (.emf) image formats that were found through fuzz testing.
LibreOffice developers have developed some additional security patches and fixes. These are part of a general set of development improvements which are reflected in the overall quality and stability of the software. Most LibreOffice 3.4.3 security fixes have been developed by Caolan McNamara of RedHat and Marc-André Laverdière of Tata Consultancy Services.
“Working on fuzzing LibreOffice import filters has been a great experience, and I am glad I could contribute in securing the computing experience of millions of users,” said Marc-André Laverdière, Scientist, TCS Innovation Labs, Tata Consultancy Services, Ltd. “Working in cooperation with the TDF development team, we have found and fixed serious security and crasher bugs.”
All users are recommended to upgrade to LibreOffice 3.4.3 as soon as possible, in order to benefit from the improved security of the office suite. LibreOffice 3.4.3 can be downloaded from http://www.libreoffice.org.