Re: CVE-2012-0037 (was RE: [libreoffice-users] CVE-2012-0337)

2012-03-23 Thread Dennis E. Hamilton
. Apparently it is the ease of crafting exploits that has the Apache OpenOffice.org categorize this as "Important" (but not "Critical"). -Original Message- From: Tom Davies [mailto:tomdavie...@yahoo.co.uk] Sent: Friday, March 23, 2012 11:36 To: users@global.libreoffice

RE: [libreoffice-users] CVE-2012-0337

2012-03-23 Thread Tom Davies
ories.  Regards from Tom :) --- On Fri, 23/3/12, Dennis E. Hamilton wrote: From: Dennis E. Hamilton Subject: RE: [libreoffice-users] CVE-2012-0337 To: users@global.libreoffice.org Date: Friday, 23 March, 2012, 17:13 This was a common vulnerability in software having lineage from Open

RE: [libreoffice-users] CVE-2012-0337

2012-03-23 Thread Dennis E. Hamilton
9 To: users@global.libreoffice.org Subject: Re: [libreoffice-users] CVE-2012-0337 Hi Dan, On Friday 23 March 2012, 08:53:54 Dan Lewis wrote: > On Fri, 2012-03-23 at 08:10 -0400, drew jensen wrote: > > On Fri, 2012-03-23 at 07:55 -0400, Dan Lewis wrote: > ... [vague security announcements] >

Re: [libreoffice-users] CVE-2012-0337

2012-03-23 Thread Dan Lewis
On Fri, 2012-03-23 at 12:52 -0400, drew jensen wrote: > On Fri, 2012-03-23 at 08:53 -0400, Dan Lewis wrote: > > On Fri, 2012-03-23 at 08:10 -0400, drew jensen wrote: > > > On Fri, 2012-03-23 at 07:55 -0400, Dan Lewis wrote: > > > > Using both LO and OOo, I'm aware of the need to patch this > > > >

Re: [libreoffice-users] CVE-2012-0337

2012-03-23 Thread drew jensen
On Fri, 2012-03-23 at 08:53 -0400, Dan Lewis wrote: > On Fri, 2012-03-23 at 08:10 -0400, drew jensen wrote: > > On Fri, 2012-03-23 at 07:55 -0400, Dan Lewis wrote: > > > Using both LO and OOo, I'm aware of the need to patch this > > > vulnerability for both. What I don't know is what is the status

Re: [libreoffice-users] CVE-2012-0337

2012-03-23 Thread Nino Novak
Hi Dan, On Friday 23 March 2012, 08:53:54 Dan Lewis wrote: > On Fri, 2012-03-23 at 08:10 -0400, drew jensen wrote: > > On Fri, 2012-03-23 at 07:55 -0400, Dan Lewis wrote: > ... [vague security announcements] > What security issues? I'm not sure I know from what I read. I tend to share you

Re: [libreoffice-users] CVE-2012-0337

2012-03-23 Thread Dan Lewis
On Fri, 2012-03-23 at 08:10 -0400, drew jensen wrote: > On Fri, 2012-03-23 at 07:55 -0400, Dan Lewis wrote: > > Using both LO and OOo, I'm aware of the need to patch this > > vulnerability for both. What I don't know is what is the status of this > > with respect to LO. I presently have 3.5.1-102 a

Re: [libreoffice-users] CVE-2012-0337

2012-03-23 Thread drew jensen
On Fri, 2012-03-23 at 07:55 -0400, Dan Lewis wrote: > Using both LO and OOo, I'm aware of the need to patch this > vulnerability for both. What I don't know is what is the status of this > with respect to LO. I presently have 3.5.1-102 and 3.4.5.502. I did not > see anything mentioned about this on

[libreoffice-users] CVE-2012-0337

2012-03-23 Thread Dan Lewis
Using both LO and OOo, I'm aware of the need to patch this vulnerability for both. What I don't know is what is the status of this with respect to LO. I presently have 3.5.1-102 and 3.4.5.502. I did not see anything mentioned about this on the LO main page. It would be nice to have a statement