SUSE Package Hub - openSUSE-2021-992

Update Info

openSUSE-2021-992

Security update for libxls

Type: security

Severity: moderate

Issued: 2021-07-08

Description:

This update for libxls fixes the following issues:

libxls was updated to release 1.6.2:

* Fix NULL pointer dereferences in the xls2csv tool [boo#1179532] [CVE-2020-27819]

Update to release 1.6.1

* Enabled decoding of non-Unicode character sets in older
  (BIFF5) XLS files.
* Improved string conversion performance in newer files.

update to 1.5.3:

* Allow truncated XLS files
* Fix long-standing "extra column" bug #73
* Support for RSTRING records (rich-text cells in older
  BIFF5 files) tidyverse/readxl#611

References

CVE: CVE-2020-27819
Bugzilla: 1179532 VUL-1: CVE-2020-27819: libxls: NULL pointer dereference via crafted xls file

Packages

libxls-1.6.2-bp153.2.3.1