Navigation
Search
|
[$] The odd saga of CVE-2012-5639
Wednesday January 10, 2024. 01:08 AM , from LWN.net
A new release
for any project with a fix for a 12-year old CVE is going to stand out pretty obviously; a recent release has a fix of that nature, but the trail of CVE-2012-5639 is rather elusive. The Apache OpenOffice project made its 4.1.15 release with fixes for four CVEs, including one for CVE-2012-5639 ('Loading internal / external resources without warning'), on December 22. But nearly everything about that CVE seems rather murky, and it is difficult to get a clear picture of what, exactly, was done in OpenOffice to address the problem.
https://lwn.net/Articles/957219/
Related News |
25 sources
Current Date
Apr, Sat 27 - 12:01 CEST
|