[tdf-discuss] security related information, CVE-2016-4324

[Caolán McNamara]

Parsing the Rich Text Format character style index was insufficiently
checked for validity. Documents can be constructed which dereference an
iterator to the first entry of an empty STL container.

All users are recommended to upgrade to LibreOffice >= 5.1.4

Thanks to the researchers working with Cisco Talos Security
Intelligence and Research Group for discovering this flaw.

C.

-- 
To unsubscribe e-mail to: discuss+unsubscr...@documentfoundation.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.documentfoundation.org/www/discuss/
All messages sent to this list will be publicly archived and cannot be deleted

[tdf-discuss] Re: security related information, CVE-2016-4324

[Marc Paré]

Hi,

Le 2016-06-28 10:59, Caolán McNamara a écrit :

Parsing the Rich Text Format character style index was insufficiently
checked for validity. Documents can be constructed which dereference an
iterator to the first entry of an empty STL container.

All users are recommended to upgrade to LibreOffice >= 5.1.4

Thanks to the researchers working with Cisco Talos Security
Intelligence and Research Group for discovering this flaw.

C.



I imagine then that the "Download" page on the website should point to 
at least v.5.1.4 rather than 5.0.6?


Marc


--
Marc Paré
m...@marcpare.com
http://www.parEntreprise.com
parEntreprise.com Supports OpenDocument Formats (ODF)
parEntreprise.com Supports http://www.LibreOffice.org


--
To unsubscribe e-mail to: discuss+unsubscr...@documentfoundation.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.documentfoundation.org/www/discuss/
All messages sent to this list will be publicly archived and cannot be deleted