On 4/13/05, Jason Faulkner <[EMAIL PROTECTED]> wrote: > Shouldn't a severe vulnerability notification have been sent to the > announce list? I mean, this is pretty serious.
Maybe now, but you want to keep it quiet until a patch becomes available. This isn't really a severe vulnerability, because it requires user interaction for it to be ran. I.E. I would have to download a specialized Word document that is exploiting the hole. Now is probably the best time to tell people so they can look forward to a patch. Adam M. > > On 4/13/05, Deepankar Datta <[EMAIL PROTECTED]> wrote: > > OpenOffice Confirms Buffer Overflow Flaw > > ---------------------------------------- > > "The OpenOffice.org community on Tuesday confirmed the existence of a > > potentially serious heap-overflow vulnerability in its freely > > distributed office productivity suite." > > ... > > "We learned of this March 31 and will be working on it immediately. A > > patch is ready but it is still going through [quality assurance] > > testing," Suarez-Potts told eWEEK.com. The update is expected to be > > available for general download within two days." > > > > http://www.eweek.com/article2/0,1759,1785154,00.asp > > > > OpenOffice.org post: > > http://www.openoffice.org/issues/show_bug.cgi?id=46388 > > > > Further reporting: > > http://news.com.com/OpenOffice.org+details+vulnerability/2100-1002_3-5669073.html?tag=nefd.top > > > > Send instant messages to your online friends http://uk.messenger.yahoo.com > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > -- > Jason Faulkner > ------------------------ > OldOs.org Owner/Admin / http://oldos.org / [EMAIL PROTECTED] > ------------------------ > Certified INGOTS Gold Assessor Trainer / http://www.theingots.org > ------------------------ > OpenOffice.org Marketing Volunteer / [EMAIL PROTECTED] > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
