| Package | libreoffice |
|---|---|
| Version | 1:6.1.5-3~deb9u3 (stretch) |
| Related CVEs | CVE-2024-3044 |
Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.
For Debian 9 stretch, these problems have been fixed in version 1:6.1.5-3~deb9u3.
We recommend that you upgrade your libreoffice packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.