On 12/25/15 07:15 PM, Thomas Wagner wrote:
Hi Ken,
we have version 4.4.5 in the binary repo.
I couldn't find a location with a patch for this CVE; so if anyone
has better luck, I would integrate it and rebuild the packages.
I think one needs registration in front of Operating system distributions ,
to look to CVE, even ahead of making them available to the public.
That is to give time maintainers to fix it before it is published.
So security updates check path, is needed to be established in OI,
Who is the one that gets access to CVEs and distributes to maintainers
of packages information about security fixing.
Also, information about CVEs that are not released yet does not requre
to be public before package maintainer fixes it.
That is what I think understand thus far, am I right?
Until then, users may not blindly click on links in documents they
don't trust the source.
Regards,
Thomas
On Tue, Dec 22, 2015 at 04:15:06PM +0000, ken mays via oi-dev wrote:
Security update: Update to LibreOffice 4.4.7
Location: OI-SFE packaging
LibreOffice is an open source, community-developed office productivity
_______________________________________________
oi-dev mailing list
[email protected]
http://openindiana.org/mailman/listinfo/oi-dev
