Navigation
Recherche
|
[$] The odd saga of CVE-2012-5639
mercredi 10 janvier 2024, 01:08 , par LWN.net
A new release
for any project with a fix for a 12-year old CVE is going to stand out pretty obviously; a recent release has a fix of that nature, but the trail of CVE-2012-5639 is rather elusive. The Apache OpenOffice project made its 4.1.15 release with fixes for four CVEs, including one for CVE-2012-5639 ('Loading internal / external resources without warning'), on December 22. But nearly everything about that CVE seems rather murky, and it is difficult to get a clear picture of what, exactly, was done in OpenOffice to address the problem.
https://lwn.net/Articles/957219/
Voir aussi |
56 sources (32 en français)
Date Actuelle
jeu. 2 mai - 17:19 CEST
|