Re: [libreoffice-users] Security vulnerabilities

Tom Davies <tomdavies04 -AT- yahoo.co.uk>
Thu, 12 Sep 2013 16:50:25 +0100 (BST)

Hi :)
I think the 3.4.x dealt with 1 issue and some other fairly early branch around there dealt with 
another.  AOO have just dealt with those issues in the last couple of months.  

I don't think either issue was "out in the wild" or actually affecting anyone but i am not entirely 
certain of that.  One of the often stated advantages of OpenSource is "more eyeballs on the code" 
and i have a feeling it was a dev that spotted the problem, in both cases, before it became widely 
known.  Certainly no-one reported problems on this mailing list and i first heard about them on the 
marketing mailing list (ie not an expected route).  

I think there is a security mailing list (which i am not on) and normal users could have reported 
directly to the devs without me knowing, but usually people bring their problems to this list 
before going to the others afaik.    

Also i have no idea how to find out what the problem was or how to try to take advantage of it on 
an ancient version of LO.  I think AOO made an announcement and someone copied that to this list 
but i would struggle to find the thread in the archives!  

So, all i do know (at least for fairly certain) is that there was 1 problem a couple of years ago 
and it got fixed.  

Sorry chap!
Happy hunting!
Regards from 

Tom :)  




________________________________
 From: Jay Lozier <jslozier@gmail.com>
To: Vladimir Tagaban <vtagaban@vistaprint.com> 
Cc: "users@global.libreoffice.org" <users@global.libreoffice.org> 
Sent: Thursday, 12 September 2013, 13:39
Subject: Re: [libreoffice-users] Security vulnerabilities
 

-----Original Message-----
From: Vladimir Tagaban <vtagaban@vistaprint.com>
To: users@global.libreoffice.org <users@global.libreoffice.org>
Subject: [libreoffice-users] Security vulnerabilities
Date: Thu, 12 Sep 2013 01:10:09 +0000


Hello guys,

I was just wondering, are there any know security vulnerabilities with LibreOffice 4.0.2. I want to 
test it but wanted to know if there were any concerns. I know that you are currently at version 
4.1.1 but wanted to use an older version.

I have done some research online into this matter but nothing was stated as far as security 
concerns were concerned.

Sincerely,
Vladimir Tagaban

Vladimir,

I would check Bugzilla for any security concerns or reports.


-- 
Jay Lozier
jslozier@gmail.com
-- 
To unsubscribe e-mail to: users+unsubscribe@global.libreoffice.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted

Context

[libreoffice-users] Security vulnerabilities · Vladimir Tagaban
- Re: [libreoffice-users] Security vulnerabilities · Tanstaafl
- Re: [libreoffice-users] Security vulnerabilities · Jay Lozier
  - Re: [libreoffice-users] Security vulnerabilities · Tom Davies
    - Re: [libreoffice-users] Security vulnerabilities · Tom Davies
      - RE: [libreoffice-users] Security vulnerabilities · Vladimir Tagaban
- Re: [libreoffice-users] Security vulnerabilities · Sophie
- Re: [libreoffice-users] Security vulnerabilities · Andrew Douglas Pitonyak

Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.