You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Dave Fisher <wa...@apache.org> on 2021/10/11 03:05:49 UTC
CVE-2021-41832: Apache OpenOffice: Content Manipulation with
Certificate Validation Attack
Severity: moderate
Description:
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source.
All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11.
See CVE-2021-25635 for the LibreOffice advisory.
Credit:
Apache OpenOffice would like to thank Simon Rohlmann, Vladislav Mladenov, Christian Mainka, and Jorg Schwenk of Ruhr University Bochum, Germany