Two months later and Apache Openoffice is still vulnerable to CVE-2015-1774 (malformed files may permit arbitrary code execution)
http://article.gmane.org/gmane.comp.apache.openoffice.devel/23914 … oh god OpenOffice is a disaster
-
-
-
At what point does this kind of negligence become criminal?
-
If Adobe had taken this long to push out an Acroread update we'd be justifiably furious. Apache are utterly failing their users.
-
Last Apache Openoffice release was 11 months ago. If you can't release security fixes, stop publicising your software..
-
Apache's security team argued that it's an old format and so unimportant - AOO happily opens that format even if it ends .docx
-
So I guess Apache's security team thinks nobody ever opens documents people send them via email?
-
<---- You must be *this* competent to steward a well known trademark <---- Apache OpenOffice team
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.