![]() ![]() These vulnerabilities were uncovered by researchers Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany, and also affect LibreOffice (they have been fixed in LibreOffice 7.0.6/7.1.2).įinally, Apache has fixed CVE-2021-28129, a potential security issue with the suite’s DEB package.įor information about other bugs fixed and enhancements/features introduced in Apache OpenOffice 4.1.11, check out the release notes. The fixed vulnerabilitiesĪs previously mentioned, the fix for CVE-2021-33035 has finally found its way into an official release of the suite.Īpache OpenOffice 4.1.11 also comes with a fix for CVE-2021-40439, a security vulnerability in the third-party XML parser library included in the suite that allowed billion laughs (DoS) attacks.ĬVE-2021-41830 and CVE-2021-41832 allow attackers to manipulate signed documents and macros to appear to come from a trusted source, and CVE-2021-41831 allows the manipulation of the timestamp of signed documents. The suite is available for Windows, macOS and Linux. According to the ASF, since its initial release it has been downloaded by hundreds of millions of users: individuals as well as businesses and organizations. It is developed by the Apache Software Foundation and welcomes contributions from its code community. The Apache Software Foundation (ASF) has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed RCE vulnerability that could be triggered via a specially crafted document.Īpache OpenOffice is an open-source office productivity suite that includes a word processor (Writer), a spreadsheet tool (Calc), a presentation editor (Impress), a vector graphics drawing editor (Draw), a mathematical formula editor (Math), and a database management program (Base). ![]()
0 Comments
Leave a Reply. |