All, A security vulnerability affecting OpenOffice.org 1.1.4 and earlier, as well as 2.0beta, including the developer builds, was recently detected. It has been fixed and a patch is available for immediate download for all users of OpenOffice.org 1.1.4.
Users of earlier releases (1.1.3 and prior) must upgrade. Users of 2.0beta are requested to download the latest beta, OpenOffice.org 1.9.95. It will include the patch and be ready shortly. Operating systems affected: All, including Linux, Solaris, Windows, Mac OS X (X11) (NeoOffice/J users of the latest release are not affected.) For other platforms, go to the Porting homepage for more information. * Porting Project: <http://porting.openoffice.org/> The patch can be found here: <http://download.openoffice.org/1.1.4/security_patch.html> installation is easy and instructions are on the page listed above. We are requesting that all CD distributors and partners of OpenOffice.org include the security patch. If you are not sure your copy of OpenOffice.org 1.1.4 is secure, download the patch and be sure. How serious is the problem? The problem resides in how OpenOffice.org handles Microsoft Office .doc files. A malicious user could send such a file as an attachment to you containing code that would allow them to execute arbitrary commands on your computer should you open that document in OpenOffice.org. See the security advisory for more information: <http://www.securityfocus.com/archive/1/395516> Be safe by always making sure that you only open attachments from trusted persons. Regards, The OpenOffice.org Team --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
