This week at LWN: An odd vulnerability report for LibreOffice
|
|
An October 5 press release from The Document Foundation provides a bit of information about a vulnerability that was fixed in recent versions of LibreOffice (LO). The vulnerability sounds fairly serious: "This flaw could have been used for nefarious purposes, such as installing viruses, through a specially-crafted [.doc] file." It was evidently fixed, silently, in versions 3.4.3 and 3.3.4 of LO, which were released in August. The details (such as they are) were withheld "until users have been given time to migrate to the new version", but it isn't at all clear that Linux distributions have put out fixes yet. Worse still, OpenOffice.org (OOo) is vulnerable as well, but there has been no release from that project since January.
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
