incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Florian Effenberger <>
Subject Re: Vulnerability fixed in LibreOffice
Date Thu, 06 Oct 2011 12:22:49 GMT

Dirk-Willem van Gulik wrote on 2011-10-06 14:14:
> Furthermore - there is nothing stopping you from having a knownsecurity@ group more focused
on security - and having this as your first (more public) port of call.

for years, there has been security@ooo. That group knows each other very 
well, has been working together in trust for many years, and not only I 
proposed here on this list to continue working the way it was before, 
since security is an area where we can work together closely apart from 
any "political" issues.

However, I was told several times, that this is not desired, and things 
are different at Apache. So be it, I am not wasting my time anymore 
explaining over and over again why my proposal would have been the best 
solution. Believe me, or tell me a dozen times things are different, 
it's your choice.

In the current case, however, as I understood it, Apache representatives 
have been made aware of the security issue. When and how Apache is able 
to ship a fixed binary, and whether this is needed, is out of my scope.


Florian Effenberger <>
Steering Committee and Founding Member of The Document Foundation
Tel: +49 8341 99660880 | Mobile: +49 151 14424108
Skype: floeff | Twitter/ @floeff

View raw message