NoOp wrote:
On 03/22/2012 06:31 PM, Italo Vignoli wrote:
NoOp wrote:
It would be nice if someone 'official' (ala TDF) could post the
CVE-2012-0037 notice on both the user and announce lists.
It is now reported on the blog post.
Well just how many users are subscribed to a blog post? Nor do I think
that they (at least I don't) check www.libreoffice.org daily:
https://www.libreoffice.org/
Are these the posts that you are referring to?
<http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/>
<http://blog.documentfoundation.org/2012/03/15/libreoffice-3-5-1-provides-additional-security-and-stability/>
Neither of those blog posts contain information regarding CVE-2012-0037.
Neither do the release logs or release notes. Nor is there any mention
of which bug reports are related to this issue - is there one?
LO 3.5.1 is showing:
LibreOffice 3.5.1 Final (2012-03-15)
The Redhat Bug report (Bug 791296) was dated 2012-03-16 - so LO was
aware of, and patched this in 3.5.1 prior to 15 March?
Lacking an LO Security Announce list, I just think that it would be nice
if such announcements were posted on the user & announce lists as well
and the blog.
Also the Discuss list!
--
Unsubscribe instructions: E-mail to discuss+h...@documentfoundation.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.documentfoundation.org/www/discuss/
All messages sent to this list will be publicly archived and cannot be deleted
