Dan wrote:
On Wednesday 13 February 2008 06:43:21 David B Teague wrote:
Secunia PCI classed the version of OO.o I have installed, 2.3.1, as
"insecure" and connected me to the OO.o downloads page.
<SNIP>
Questions:
How severe is the security problem with 2.3.1?
Is there a more secure OO.o yet stable version out there?
If you recommend a later version, where do I find it?
Maybe the first thing you should do is to contact Secunia PCI to find out
why they consider OpenOffice.org "insecure". As far as I know, there have
been very few security problems found in OOo, and they have been fixed fairly
quickly. One of these problems concerned something that was discovered "in
the lab", and it was fixed before it got out into the wild.
Dan,
I had clicked the "download update" link in the Secunia page, where it
showed OO.o 2.3.1 as insecure, but not installed the "newer" version.
So, before checking back with Secunia as to why OO.o is insecure, I
rescanned my system with Secunia PCI. Now it calls OO.o 2.3.1 a secure
"Patched" version, and I cannot seem to get the "insecure" result again.
I wonder if it recorded my visit to the OO.o downloads page as having
fixed the problem.
I now have some reservations about this piece of software.
I'll contact them to see what they say about both these situations.
Warmest Regards
David Teague
Double Bass in Fifths Tuning
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
