Tomas Florian

**Name of the Vulnerable Software and Affected Versions** LibreOffice versions 6.3.0 through 6.3.5 LibreOffice versions 6.4.0 through 6.4.2 **Description** The issue is related to errors in encryption. When LibreOffice has an encrypted document open and crashes, the document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful and the file format of the recovered document was not LibreOffice's default ODF file format, then subsequent saves of the document are unencrypted by default. This may lead to a user accidentally saving a document, such as in MSOffice file format, unencrypted while believing it to be encrypted. **Recommendations** For LibreOffice versions 6.3.0 through 6.3.5, update to version 6.3.6 or later to resolve the issue. For LibreOffice versions 6.4.0 through 6.4.2, update to version 6.4.3 or later to resolve the issue.