incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: CVE-2011-2713 patch?
Date Mon, 26 Mar 2012 22:46:35 GMT
On Sun, Mar 25, 2012 at 9:11 PM, Kazunari Hirano <khirano@gmail.com> wrote:

> Hi all,
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713
>
> Do we have a patch for this?
>
>
More info on this issue here:

https://bugzilla.redhat.com/show_bug.cgi?id=725668

Note that it was downgraded from a security vulnerability to an ordinary
crash.   Of course, it would be nice if we did not crash when loading a
corrupt DOC file.

I've sent a note to Huzaifa Sidhpurwala at RedHat, who discovered the issue
originally, to see if he has a test file we can use to see if AOO 3.4 has
the issue as well.

-Rob


> Thanks,
> khirano
> --
> khirano@apache.org
> Apache OpenOffice (incubating)
> http://incubator.apache.org/openofficeorg/
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message