> -----Original Message----- > From: Rodrigo Marin-Rogers [mailto:[email protected]] > Sent: Tuesday, August 30, 2016 16:44 > To: [email protected]; [email protected] > Subject: Re: [REPORT] CVE-2016-1513 Security Advisory > > Dear Dennis: > > The hotfix download and installation process is quite long and > complicated for the general users who are not developers. Why don't you > just create a new version with the hotfix already included much easier > to download. I've lost several documents that showed as corrupt when I > tried to reopen them, then I suspected that something like this was > happening, so I deleted them from my computer. > > Thank you for your kind concern, Please let me know if you create > such new version! > > Truly yours, > > > > Rodrigo. [orcmid]
Thank you for the feedback, Rodrigo. It may be months before there is a full update for Apache OpenOffice. The hotfixes are for those able to make use of them in the meantime. The reason we make the README files available to be read first is so folks can calibrate whether they want to go through it or not. With regard to your document corruption experience, that is not the behavior associated with the CVE-2016-1513 vulnerability. They were probably damaged in the Save process. That is not unknown. - Dennis > > > On Tue, Aug 30, 2016 at 9:46 AM, Dennis E. Hamilton <[email protected] > <mailto:[email protected]> > wrote: > > > [BCC PMC] > > Today, Version 2.0 of the Advisory for CVE-2016-1513 <tel:2016- > 1513> has been issued. > > There is now general availability of a Hotfix that can be > downloaded and applied to installations of Apache OpenOffice 4.1.2. The > Hotfix details can be found at > <http://archive.apache.org/dist/openoffice/4.1.2-patch1/hotfix.html > <http://archive.apache.org/dist/openoffice/4.1.2-patch1/hotfix.html> >. > > Please review the README instructions before deciding to download > and apply the Hotfix. [ ... ] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
