oss-sec mailing list archives
CVE-2021-41831: Apache OpenOffice: Timestamp Manipulation with Signature Wrapping
From: Dave Fisher <wave () apache org>
Date: Mon, 11 Oct 2021 03:05:11 +0000
Severity: moderate Description: It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory. Credit: Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany
Current thread:
- CVE-2021-41831: Apache OpenOffice: Timestamp Manipulation with Signature Wrapping Dave Fisher (Oct 11)