-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5737-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 05, 2024                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreoffice
CVE ID         : CVE-2024-6472

If LibreOffice failed to validate a signed macro, it displayed a warning
but still allowed execution of the script after printing a warning.
Going forward in high macro security mode such macros are now disabled.

For additional information please refer to
https://www.libreoffice.org/about-us/security/advisories/cve-2024-6472/

For the oldstable distribution (bullseye), this problem has been fixed
in version 1:7.0.4-4+deb11u10.

For the stable distribution (bookworm), this problem has been fixed in
version 4:7.4.7-1+deb12u4.

We recommend that you upgrade your libreoffice packages.

For the detailed security status of libreoffice please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libreoffice

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmaw7MgACgkQEMKTtsN8
TjbwRg//Uj5T8Z48NWwyT/IrUxHiSGIPdjjg8l422Ya5oMfF28Ks3ApQPpMhnkwM
YhsjZb6yRc9dxj81n5V78FtIKS5nqJ6A6NrPAb5fuan2pcULxbkvzDa9eGnhsg3G
0+lhg60KsXs0Ef9ScjWARUcmW49ukqpnUEcTXWqmZ/DDF16G6OOD5oR4s5BUnBq0
t41n5TvJC//13ptBnnI3iTq2rFMZz4jb/yoxGsc9WOvcTpb46yXKQnckIviMH4Nt
FWsAOZuI24o9tWeB/HkOSCY/KploFkojrxQpIJg7M7UqCzK/woWI5JfuI+xaqSiB
gibOqSohzYAxem1DhM/UckqXfgjpo91YgWVwbeaMfxX2VFCEUQW0ZiPQ/G4wQZMS
zawp/6hMuBTIlX+zQaYb7uyC3iIUj3UFeGvoQmOfeSSxpDI4yp7cHNPQvSTe1mXB
XlCzf8we/TzhjSKXcNvbYLnn2ro2fHRs3AwExZ+X24S1hfG+Fv9xnRk9VqqG8hiE
Tc4nEX92aHprjDTXhofRG5oDEAmhz7nyVAWiyJDTYtQkdbooU5sDIjTol7Ednckp
jTtkpajlIHfQrtjoxBFAU3MmUX1DIP8CUzOtrBsEdQ5yv3Y+zDLn4O1VJRGMfAzT
TaZ7tFwYbE7/rQh/Kv6a55z1QfPK13aWLhLvx9jfwudl4zAytGk=
=KIup
-----END PGP SIGNATURE-----