Hi guys,
On Thu, 2011-02-03 at 23:03 +0100, Rene Engelhard wrote:
I don't know what you count as authorized, but this is at least worth
pointing people to:
http://lists.debian.org/debian-openoffice/2011/01/msg00287.html
Quite; and I will blog this as well (when I get on-line):
Interested by the concern and uncertainty being created
around the mistaken idea that there are some security fixes present
in OO.o that are not in LibreOffice. This is not so. LibreOffice
contains all the security fixes in 3.3.0 and perhaps more. Why more ?
simply as side-effects of our code cleans, application of cppcheck
etc. Many 'security bugs' are really just bugs, and we're working hard
to improve our code quality.
To improve code security many projects do code 'auditing', a big part
of which is careful reading of the code with this in mind. In
LibreOffice code review is the norm, so we aspire to a higher quality
from this perspective over time. Sadly, of course there are always
human errors, but as and when they are found, we aim to create fixes
and get them to our users more quickly via. our rapid monthly stable
releases.
IMHO we need to claim the moral high ground here; LibreOffice -should-
be increasingly more secure, if not now, then over time.
ATB,
Michael.
--
michael.meeks@novell.com <><, Pseudo Engineer, itinerant idiot
Context
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.