[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: [Officesecurity] [oss-security] CVE Request: LibreOffice -- several issues
From: Rene Engelhard <rene () debian ! org>
Date: 2014-11-27 12:43:39
Message-ID: 20141127124339.GB2131 () rene-engelhard ! de
[Download RAW message or body]
Hi,
On Thu, Nov 27, 2014 at 03:58:42AM +0300, Alexander Cherepanov wrote:
> issues is just the tip of the iceberg. Assuming that many security
> bugs were fixed in current versions of LO the fact that LO in Debian
> Stable isn't updated for a long time probably means that security
> fixes are not marked as such and hence are not backported. Please
> correct me if I'm wrong.
Correct.
Now in the CVE-2014-9093 case (where I got https://bugs.debian.org/771163, sigh,
in addition to your all-in-one and thus bogus in any case
bugs.debian.org/770166) the code is even so much different that I will even succeed backporting
it...
3.x is totally obsolete.
I'd assume anyone who really cares about doing stuff with LO uses wheezy-backpots
(which has a 4.3.3)
Regards,
Rene
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic