I've scanned OOov2.4.1 on a second PC also using KIS2009 and the vulnerability was not found.
I've reported this to the Security Team. Regards, Mike -----Original Message----- From: Harold Fuchs [mailto:[email protected]] Sent: Tuesday, 24 February 2009 7:53 AM To: [email protected] Subject: Re: [users] Re: Vulnerabilities in OpenOffice.org 3 On 23/02/2009 20:42, Jean-Baptiste Faure wrote: > Le 23.02.2009 19:02, Jonathan Kaye a écrit : > >> Mike Cassidy wrote: >> >> >>> I have just done the first full scan with Kaspersky Internet Suite >>> 2009 after replacing Bullguard suite. >>> >>> The scan reported the following vulnerability: >>> http://www.viruslist.com/en/advisories/30599 >>> >>> This says it is in OOo2.4 and to fix by upgrading to v2.4.1. >>> However, I have OOov3 installed. Is there a fix for this version of >>> OOo? >>> >>> Regards, Mike >>> >> Hi Mike, If the vulnerability was fixed in 2.4.1 then it would be >> safe to assume the fix has been applied to any version newer than >> 2.4.1. Cheers, Jonathan >> > > Security bulletin http://www.openoffice.org/security/cves/CVE-2008-2152.html > says that affected releases are "all versions between OpenOffice.org 2.0 > and 2.4 inclusive". > > OpenOffice.org 3.x is outside this version interval. > > Does this mean that the fix didn't make it into v 3.x ????????? Or does it mean that the bulletin was written before v 3.x and, therefore, actually means nothing at all in the context of this discussion? -- Harold Fuchs London, England Please reply *only* to [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
