On 03/22/2012 06:31 PM, Italo Vignoli wrote:
NoOp wrote:
It would be nice if someone 'official' (ala TDF) could post the
CVE-2012-0037 notice on both the user and announce lists.
It is now reported on the blog post.
Well just how many users are subscribed to a blog post? Nor do I think
that they (at least I don't) check www.libreoffice.org daily:
https://www.libreoffice.org/
Are these the posts that you are referring to?
<http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/>
<http://blog.documentfoundation.org/2012/03/15/libreoffice-3-5-1-provides-additional-security-and-stability/>
Neither of those blog posts contain information regarding CVE-2012-0037.
Neither do the release logs or release notes. Nor is there any mention
of which bug reports are related to this issue - is there one?
LO 3.5.1 is showing:
LibreOffice 3.5.1 Final (2012-03-15)
The Redhat Bug report (Bug 791296) was dated 2012-03-16 - so LO was
aware of, and patched this in 3.5.1 prior to 15 March?
Lacking an LO Security Announce list, I just think that it would be nice
if such announcements were posted on the user & announce lists as well
and the blog.
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.