CVE-2024-7788

Publication date 17 September 2024

Last updated 19 September 2024

Ubuntu priority

Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before < 24.2.5.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libreoffice	24.04 LTS noble	Fixed 4:24.2.5-0ubuntu0.24.04.2
	22.04 LTS jammy	Fixed 1:7.3.7-0ubuntu0.22.04.7
	20.04 LTS focal	Fixed 1:6.4.7-0ubuntu0.20.04.12

How can I get the fixes?
What do statuses mean?

Notes

mdeslaur

unclear if this affects versions earlier than 24.2

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-7025-1
LibreOffice vulnerability
19 September 2024

Other references

https://www.cve.org/CVERecord?id=CVE-2024-7788
https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788