https://bz.apache.org/ooo/show_bug.cgi?id=116295
orcmid <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #5 from orcmid <[email protected]> --- (In reply to Andreas Säger from comment #4) > Confirmed in 4.1.2. A warm welcome to the identity thiefs. I agree that Apache OpenOffice should not be in that business. There is no meaningful way for these passwords to be encrypted, of course, unless a password is required for their decryption, ... . Even though the disclosure of that information means the machine is already likely compromised, we should not be storing passwords in profiles regardless, nor in documents. My next question is, what is happening in AOO that the password is useful for something? Sending files via e-mail? -- You are receiving this mail because: You are the assignee for the issue. You are on the CC list for the issue.
