CVE-2021-41831: Apache OpenOffice: Timestamp Manipulation with Signature Wrapping

[Dave Fisher <wave () apache org>]

Severity: moderate

Description:

It is possible for an attacker to manipulate the timestamp of signed documents.

All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11.

See CVE-2021-25634 for the LibreOffice advisory.


Credit:

Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr 
University Bochum, Germany