On Fri, 2021-04-16 at 12:04 +0200, William Gathoye (LibreOffice) wrote:
> On 15/04/2021 21:55, Caolán McNamara wrote:
> > [...]
> > In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the
> > 7-
> > 0 series in versions prior to 7.0.5
> > [...]
>
> have received a CVE warning from a s
On 15/04/2021 21:55, Caolán McNamara wrote:
[...]
In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-
0 series in versions prior to 7.0.5
[...]
Being the maintainer of chocolatey packages related to LibreOffice, I
have received a CVE warning from a security analyst saying t
tl;dr: Windows users should upgrade to 7.0.5 or 7.1.2
LibreOffice has a feature where hyperlinks in a document can be
activated by CTRL+click. Under Windows the link can be passed to the
system ShellExecute function for handling. LibreOffice contains a
denylist of extensions that it blocks from pa