CVE-2024-6472

Publication date 5 August 2024

Last updated 15 August 2024

Ubuntu priority

Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libreoffice	24.04 LTS noble	Fixed 4:24.2.5-0ubuntu0.24.04.2
	22.04 LTS jammy	Fixed 1:7.3.7-0ubuntu0.22.04.6
	20.04 LTS focal	Fixed 1:6.4.7-0ubuntu0.20.04.11

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-6962-1
LibreOffice vulnerability
15 August 2024

Other references

https://www.cve.org/CVERecord?id=CVE-2024-6472
https://www.libreoffice.org/about-us/security/advisories/CVE-2024-6472