Hi :) I think the 3.4.x dealt with 1 issue and some other fairly early branch around there dealt with another. AOO have just dealt with those issues in the last couple of months.
I don't think either issue was "out in the wild" or actually affecting anyone but i am not entirely certain of that. One of the often stated advantages of OpenSource is "more eyeballs on the code" and i have a feeling it was a dev that spotted the problem, in both cases, before it became widely known. Certainly no-one reported problems on this mailing list and i first heard about them on the marketing mailing list (ie not an expected route). I think there is a security mailing list (which i am not on) and normal users could have reported directly to the devs without me knowing, but usually people bring their problems to this list before going to the others afaik. Also i have no idea how to find out what the problem was or how to try to take advantage of it on an ancient version of LO. I think AOO made an announcement and someone copied that to this list but i would struggle to find the thread in the archives! So, all i do know (at least for fairly certain) is that there was 1 problem a couple of years ago and it got fixed. Sorry chap! Happy hunting! Regards from Tom :) ________________________________ From: Jay Lozier <[email protected]> To: Vladimir Tagaban <[email protected]> Cc: "[email protected]" <[email protected]> Sent: Thursday, 12 September 2013, 13:39 Subject: Re: [libreoffice-users] Security vulnerabilities -----Original Message----- From: Vladimir Tagaban <[email protected]> To: [email protected] <[email protected]> Subject: [libreoffice-users] Security vulnerabilities Date: Thu, 12 Sep 2013 01:10:09 +0000 Hello guys, I was just wondering, are there any know security vulnerabilities with LibreOffice 4.0.2. I want to test it but wanted to know if there were any concerns. I know that you are currently at version 4.1.1 but wanted to use an older version. I have done some research online into this matter but nothing was stated as far as security concerns were concerned. Sincerely, Vladimir Tagaban Vladimir, I would check Bugzilla for any security concerns or reports. -- Jay Lozier [email protected] -- To unsubscribe e-mail to: [email protected] Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.libreoffice.org/global/users/ All messages sent to this list will be publicly archived and cannot be deleted
