The Register® — Biting the hand that feeds IT

Feeds

Apache OpenOffice security fixes emerge

Under new management: First revamp passes one million downloads

By John Leyden, 18th May 2012
  • print
  • alert

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

Details have emerged about the security fixes that came bundled with Apache OpenOffice 3.4.0, the latest version of the open-source productivity suite.

Apache OpenOffice 3.4.0, released last week, included fixes for three security vulnerabilities, all rated as "important". The trio included an integer overflow error involving problems in handling embedded images and a memory overwrite bug connecting with importing WordPerfect files. Both of the flaws might be used as a means to inject hostile code onto vulnerable systems, providing hackers are able to trick prospective marks into opening booby-trapped files. The third vulnerability involves what would appear to be a less serious program crash bug involving the handling of malformed PowerPoint files.

Both OpenOffice.org 3.3 and the beta versions of 3.4 are affected by all three flaws, which get patched with Apache OpenOffice 3.4.0, the first release of the software under new management after Oracle handed over the project last year.

In related news, the Apache Software Foundation announced that downloads of the software had crossed the one million milestone since the release of the software. ®

Agentless Backup is Not a Myth

COMMENTS

House Rules Send Corrections
All Reader Comments (18)
Highly Rated
Pascal Monett

As said elsewhere

The OpenOffice developers have, in their majority, left the OpenOffice project and created LibreOffice.

So if you really want an open Office application, you want LibreOffice.

5
1
Anonymous Coward
Anonymous Coward
Reply Icon

@AC 19:02GMT - Re: Which one?

Easy answer for you!. As an end-user, there is no big difference between the two so you can freely pick any one you want.

Now if you are a paid corporate developer/manager looking for some code to pilfer freely without being forced to contribute back to the community, then OpenOffice is the way to go. You don't care about politics but IBM and Oracle surely do.

3
0
Anonymous Coward
Anonymous Coward

Apache just drop it; LibreOffice replaced it due to Oracles' greed/stupidity.

People must be dumb to download 'OpenOffice' past the split.

3
1

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
126
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
57
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17
breaking news
'BadNews is malware' says outfit that found it
Google says code harmless but Lookout says code base is evolving
15
Panda-peddlers cuffed for chess gambling gambit
More porridge on the menu for Chinese coders after second offence
13