Ubungozi obuthathu buye badalulwa kumagumbi ehhovisi i-LibreOffice ne-Apache OpenOffice engavumela abahlaseli ukuthi balungiselele amadokhumenti abonakala esayinwe umthombo othembekile noma bashintshe idethi yedokhumenti esivele isayiniwe. Izinkinga zalungiswa ekukhishweni kwe-Apache OpenOffice 4.1.11 kanye ne-LibreOffice 7.0.6/7.1.2 ngaphansi kwesithunzi seziphazamisi ezingezona ezokuvikela (i-LibreOffice 7.0.6 kanye ne-7.1.2 zishicilelwe ekuqaleni kukaMeyi, kodwa ukuba sengozini kwaba kuphela sekudaluliwe manje).
- I-CVE-2021-41832, CVE-2021-25635 - ivumela umhlaseli ukuthi asayine idokhumenti ye-ODF enesitifiketi esizisayinele esingathembekile, kodwa ngokushintsha i-algorithm yesiginesha yedijithali ibe inani elingalungile noma elingasekelwe, zuza ukuboniswa kwale dokhumenti njengokwethenjelwa. (isiginesha ene-algorithm engalungile ithathwe njengelungile).
- I-CVE-2021-41830, CVE-2021-25633 - ivumela umhlaseli ukuthi akhe idokhumenti ye-ODF noma ama-macro azoboniswa kusixhumi esibonakalayo njengokwethembeka, ngaphandle kokuba khona kokuqukethwe okwengeziwe okugunyazwe esinye isitifiketi.
- I-CVE-2021-41831, CVE-2021-25634 - ivumela izinguquko ukuthi zenziwe kudokhumenti ye-ODF esayiniwe ngokwedijithali ehlanekezela isikhathi sokukhiqiza isiginesha yedijithali eboniswa kumsebenzisi ngaphandle kokwephula inkomba yokuthenjwa.
Source: opennet.ru