LibreOffice has released the latest version 6.2.6/6.3.0 of its open-source office software to address three new vulnerabilities that could allow attackers to bypass patches for two previously addressed vulnerabilities. One of the two vulnerabilities, tracked as CVE-2019-9848, that LibreOffice attempted to patch just last month was a code execution flaw that affected LibreLogo, a programmable turtle vector graphics script that ships by default with LibreOffice. Another flaw resides in a separate feature where documents can specify pre-installed scripts that can be executed on various global script events.
Source: https://thehackernews.com/2019/08/libreoffice-patch-update.html