LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Collaborating In The Only Place Possible

Collaborating In The Only Place Possible

Posted Oct 5, 2011 22:55 UTC (Wed) by webmink (guest, #47180)
Parent article: An odd vulnerability report for LibreOffice

It's unfortunate that the "securityteam" mailing list didn't include any AOO folks

It definitely did - I was forwarded the e-mail confirming it. Given the LO developers were barred from joining the Apache security list when it formed as it's only open to hand-picked Apache committers, the securityteam mailing list is the only remaining place for collaboration. Given the LO developers posted the report and the patches to that list, it's hard to see what more they could have done. S.

(Log in to post comments)

Collaborating In The Only Place Possible

Posted Oct 6, 2011 8:00 UTC (Thu) by dgm (subscriber, #49227) [Link]

>it's hard to see what more they could have done.

What about sending them a maliciously crafted doc file that runs a script that silently pushes the patch to the repository?

See? it was not that hard!

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds