Ensure Tails 3.6 fixes CVE-2018-6871
Currently, when an attacker social engineers a Tails user to open up a maliciously crafted document in LibreOffice, it can exfiltrate various files.
A PoC has been released:
Debian has not backported the fix to Stretch as of writing: https://security-tracker.debian.org/tracker/CVE-2018-6871
Is there a reason why there isn’t an AppArmor profile running containing the libreoffice suite?
How would we feel about disabling macro’s that can also possibly run code on your computer?