The Document Foundation has announced the release of corrective releases of the free office suite LibreOffice 7.2.4 and 7.1.8, in which the supplied cryptographic library NSS is updated to version 3.73.0. The update is related to the elimination of a critical vulnerability in NSS (CVE-2021-43527), which can be exploited through LibreOffice. The vulnerability allows you to organize the execution of your code when verifying a specially designed digital signature of a document. The releases are categorized as hotfix and contain only one change. Ready installation packages are prepared for Linux, macOS and Windows platforms.
Source: opennet.ru