Date: prev next · Thread: first prev next last
2012 Archives by date, by thread · List index

[tdf-discuss] Re: security-related information, CVE-2012-1149, CVE-2012-2334


On 05/16/2012 01:09 PM, Caolán McNamara wrote:
On Wed, 2012-05-16 at 12:29 -0700, NoOp wrote:
Any idea if 3.5.3 also addresses this one that also came out today?
http://www.openoffice.org/security/cves/CVE-2012-2149.html

This is actually "libwpd", which gets bundled into non-distro builds.
The advisory relates to a very old version of libwpd bundled into the
last OpenOffice.org release. LibreOffice 3.3.X already contained a
sufficiently recent version of libwpd to be unaffected by that, so
you're fine with any version of LibreOffice.

the filter can be patched rather than removed like AOO.

The filter got removed from AOO due to being under the LGPL (!)
https://cwiki.apache.org/OOOUSERS/ipclearance.html
...

Thanks!



-- 
Unsubscribe instructions: E-mail to discuss+help@documentfoundation.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.documentfoundation.org/www/discuss/
All messages sent to this list will be publicly archived and cannot be deleted

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.