oss-sec mailing list archives
Re: [Officesecurity] Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification
From: Caolán McNamara <caolanm () redhat com>
Date: Tue, 29 May 2012 10:52:49 +0100
On Mon, 2012-05-28 at 17:09 +0200, Jan Lieskovsky wrote:
For what is related against upstream patches -- upon testing we can confirm, the original ones were complete and this is in no way a new security flaw.
...
But something, which got corrected upstream in previous release(s), and should mention possibility of arbitrary code execution too in order to properly describe this deficiency. OpenOffice.org / LibreOffice upstreams - please update your advisories to reflect this if possible yet.
Done, for LibreOffice, updated description to reflect overflow possibilities. C.
Current thread:
- Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification Jan Lieskovsky (May 28)
- Re: Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification Jan Lieskovsky (May 29)
- Re: [Officesecurity] Kind request to update upstream CVE-2012-2334 advisories they to reflect arbitrary code execution possibility too and OSS list notification Caolán McNamara (May 29)