We need a few things: 1) Someone to build the patch (http://www.openoffice.org/security/cves/CVE-2012-0037-src.txt)
2) Someone to create install instructions for the patch 3) One or more people to test the patch 4) Someone to update the website and send out an announcement #1 is actually a lot easier than it sounds. If you can build AOO 3.4 under Linux then you probably are already building the patched file. We might even just extract the relevant library from a dev snapshot install. But we need to consider what variations we need, 32 versus 64, etc. For #2 I have the source for the existing install instructions. I'm happy to share with anyone who wants to update the instructions and screenshots for Linux users. For #3, I'm sure many of us can help. We have a proof of concept file that shows the exploit that we can test against, but we need to take extreme measures to ensure that filed is not publicly disclosed. For #4, I am happy to help with the digital signature and staging to the mirrors, etc. Updating the webpage is really easy, using the Apache CMS. Anyone care to volunteer for some of these tasks? -Rob
