[oi-dev] Security update: Update to LibreOffice 4.4.7

Nikola M minikola at gmail.com
Fri Dec 25 19:47:39 UTC 2015


On 12/25/15 07:15 PM, Thomas Wagner wrote:
> Hi Ken,
>
> we have version 4.4.5 in the binary repo.
>
> I couldn't find a location with a patch for this CVE; so if anyone
> has better luck, I would integrate it and rebuild the packages.

I think one needs registration in front of Operating system distributions ,
to look to CVE, even ahead of making them available to the public.
That is to give time maintainers to fix it before it is published.

So security updates check path, is needed to be established in OI,
Who is the one that gets access to CVEs and distributes to maintainers 
of packages information about security fixing.

Also, information about CVEs that are not released yet does not requre 
to be public before package maintainer fixes it.
That is what I think understand thus far, am I right?

>
> Until then, users may not blindly click on links in documents they
> don't trust the source.
>
> Regards,
> Thomas
>
> On Tue, Dec 22, 2015 at 04:15:06PM +0000, ken mays via oi-dev wrote:
>>     Security update: Update to LibreOffice 4.4.7
>>     Location: OI-SFE packaging
>>     LibreOffice is an open source, community-developed office productivity
>>     





More information about the oi-dev mailing list