RE: [libreoffice-users] CVE-2012-0337

This was a common vulnerability in software having lineage from OpenOffice 3.x, where it was 
introduced as part of support for features that are new in ODF 1.2.

I have provided an unofficial, personal analysis on the ooo-users list.  See 
<http://mail-archives.apache.org/mod_mbox/incubator-ooo-users/201203.mbox/%3c008c01cd08af$dd22b230$97681690$@acm.org%3e>.
  (I considered posting that here, but wasn't sure if it would be seen as appropriate.)

 - Dennis



-----Original Message-----
From: Nino Novak [mailto:nn.libo@kflog.org] 
Sent: Friday, March 23, 2012 06:29
To: users@global.libreoffice.org
Subject: Re: [libreoffice-users] CVE-2012-0337

Hi Dan,

On Friday 23 March 2012, 08:53:54 Dan Lewis wrote:
> On Fri, 2012-03-23 at 08:10 -0400, drew jensen wrote:
> > On Fri, 2012-03-23 at 07:55 -0400, Dan Lewis wrote:

>  ...  [vague security announcements]
>      What security issues? I'm not sure I know from what I read.

I tend to share your wish for a clearer information here.


>      Another thing that comes from trying to find this information: What
> is a link that I can use to list my concerns or other comments about the
> layout of the LO website?

As the project is self organized I'd suggest to raise your concerns in the 
website[1] list. There's also a more formal procedure to file an issue in 
bugzilla[2] (component WWW) 

HTH Nino

[ ... ]


-- 
For unsubscribe instructions e-mail to: users+help@global.libreoffice.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted