The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3576-1 advisory. libreoffice was updated to version 24.8.1.2 (jsc#PED-10362): – Release notes: * https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and * https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and * https://wiki.documentfoundation.org/Releases/24.8.0/RC3 – Security issues fixed: * CVE-2024-526: Fixed TLS certificates are not properly verified when utilizing LibreOfficeKit (bsc#1226975) – Other bugs fixed: * Use system curl instead of the bundled one on systems greater than or equal to SLE15 (bsc#1229589) * Use the new clucene function, which makes index files reproducible (bsc#1047218) – Update bundled dependencies: * Java-Websocket updated from 1.5.4 to 1.5.6 * boost updated from 1.82.0 to 1.85.0 * curl updated from 8.7.1 to 8.9.1 * fontconfig updated from 2.14.2 to 2.15.0 * freetype updated from 2.13.0 to 2.13.2 * harfbuzz updated from 8.2.2 to 8.5.0 * icu4c-data updated from 73.2 to 74.2 * icu4c-src updated from 73.2 to 74.2 * libassuan updated from 2.5.7 to 3.0.1 * libcmis updated from 0.6.1 to 0.6.2 * libgpg-error updated from 1.48 to 1.50 * pdfium updated from 6179 to 6425 * poppler updated from 23.09.0 to 24.08.0 * tiff updated from 4.6.0 to 4.6.0t Tenable has extracted the preceding description block directly from the SUSE security…Read More