[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tdf-discuss] Re: security related information, CVE-2019-9848, CVE-2019-9849


On Fri, 2019-08-09 at 21:38 -0700, Derek Currie wrote:
> A further patch was supposed to be applied in version
> 6.3.4 this week.
> And yet there is no record in the release notes of that patch.
> Instead, there is an incorrect listing that CVE-2019-9848 was patched
> in v6.2.5.2, which has been published to not be the case.

It is not incorrect to state that CVE-2019-9848 was patched in 6.2.5.2,
but it is fair to state that it turns out the solution is not totally
sufficient and there is an additional problem with the solution.

A new advisory will be issued with a new CVE number for the follow-up
issue when the solution is ready. We're working on making it available.


--
To unsubscribe e-mail to: discuss+unsubscribe@documentfoundation.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.documentfoundation.org/www/discuss/
Privacy Policy: https://www.documentfoundation.org/privacy

Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.