The Document Foundation usually releases new versions of its office suite on Thursdays, or at least the newest ones. That they deliver something to us on a different day and for the branches that are known as "fresh" (the newest) and "still" (the one with the most corrections) is not usually good news, and yesterday Tuesday, less than two weeks later of 7.6.1, they launched LibreOffice 7.6.2 and 7.5.7 to correct a security breach that they have considered serious enough to advance their plans.
El security breach that they have had to shortcut has been the CVE-2023-4863, whose description explains that «Heap buffer overflow in WebP in Google Chrome before 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page«. Chromium is mentioned in the previous link, but the problem is in the libwebp library that is used in many other software.
LibreOffice 7.6.2 and 7.5.7 also fix other bugs
LibreOffice 7.6.2 and 7.5.7 They also fix other bugs and regressions and all patches are now available. The Document Foundation encourages all LibreOffice users to update as soon as possible.
The complete list of changes is included in the publications of LibreOffice 7.6.2 RC1 y 7.5.7 RC1., with 54 and 14 bugs respectively. There is nothing about the RC2 because, as already explained, they have had to advance the releases to correct the bug that is considered high priority.
The two new versions are already available to download from your official website. From there, Linux users can download DEB and RPM packages, but it is also already in Flatub. The snap package, the ones that Canonical assured would be updated so soon and that we would benefit from especially for security reasons, is still in 7.6.1. It should arrive in the repositories of the different Linux distributions in the next few hours.