On 01/09/2009 07:25 AM, Mark Knecht wrote: > On Fri, Jan 9, 2009 at 6:17 AM, M Henri Day <[email protected]> wrote: >> 2009/1/9 Gordon <[email protected]> >> >>> I have version 3 installed. >>> Kaspersky shows this vulnerability: >>> http://www.viruslist.com/en/advisories/30599 >>> The solution is to upgrade to 2.4.1!!! >>> Does V 3 not fix this vulnerability? >> >> >> The version for which the vulnerability ( an «OpenOffice >> "rtl_allocateMemory()" Integer Overflow Vulnerability») was reported (on 10 >> June 2008) is, according to the above link «OpenOffice.org 2.x». I >> understand this to have been fixed not only in 2.4.1 but also in 3.x >> versions, but it would indeed be pleasant to receive a confirmation.... >> >> Henri >> > > Kaspersky is a pretty responsive company, at least through their user > forums. Someone might want to post a question about this there. > Probably would have an answer in a few hours. > > - Mark
The best place to check & report is: http://www.openoffice.org/security/ [mailto:[email protected]] And while there, ask why there are no bulletins for 3.x on: http://www.openoffice.org/security/bulletin.html --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
