"Those numbers represent the total number of reports (valid and invalid) received for each project," said Mark Thomas, a member of the Apache Software Foundation security team, in an email to The Register. "Not all reports are valid so it is expected that the number of issues announced is lower."

The four fixes, published a week after the release announcement, were:

- CVE-2017-3157: Arbitrary file disclosure in Calc and Writer
- CVE-2017-9806: Out-of-Bounds Write in Writer's WW8Fonts Constructor
- CVE-2017-12607: Out-of-Bounds Write in Impress' PPT Filter
- CVE-2017-12608: Out-of-Bounds Write in Writer's ImportOldFormatStyles

Asked whether the AOO has enough people looking at its code to keep it secure, Thomas said there's nothing about the project that causes him grave concern.

"Open source projects always want more resources," said Thomas during a phone interview.
