oss-sec mailing list archives
Re: [Officesecurity] [oss-security] CVE Request: LibreOffice -- several issues
From: Rene Engelhard <rene () debian org>
Date: Thu, 27 Nov 2014 13:43:39 +0100
Hi, On Thu, Nov 27, 2014 at 03:58:42AM +0300, Alexander Cherepanov wrote:
issues is just the tip of the iceberg. Assuming that many security bugs were fixed in current versions of LO the fact that LO in Debian Stable isn't updated for a long time probably means that security fixes are not marked as such and hence are not backported. Please correct me if I'm wrong.
Correct. Now in the CVE-2014-9093 case (where I got https://bugs.debian.org/771163, sigh, in addition to your all-in-one and thus bogus in any case bugs.debian.org/770166) the code is even so much different that I will even succeed backporting it... 3.x is totally obsolete. I'd assume anyone who really cares about doing stuff with LO uses wheezy-backpots (which has a 4.3.3) Regards, Rene
Current thread:
- CVE Request: LibreOffice -- several issues Alexander Cherepanov (Nov 18)
- Re: CVE Request: LibreOffice -- several issues timo . warns (Nov 19)
- Re: CVE Request: LibreOffice -- several issues Alexander Cherepanov (Nov 26)
- Re: CVE Request: LibreOffice -- several issues cve-assign (Nov 25)
- Re: Re: CVE Request: LibreOffice -- several issues Alexander Cherepanov (Nov 26)
- Re: [Officesecurity] [oss-security] Re: CVE Request: LibreOffice -- several issues Caolán McNamara (Nov 26)
- CVE Request: LibreOffice -- several issues Alexander Cherepanov (Nov 26)
- Re: [Officesecurity] [oss-security] CVE Request: LibreOffice -- several issues Rene Engelhard (Nov 27)
- Re: Re: CVE Request: LibreOffice -- several issues Alexander Cherepanov (Nov 26)
- Re: CVE Request: LibreOffice -- several issues timo . warns (Nov 19)