From owner-freebsd-questions@freebsd.org Fri Aug 19 23:54:18 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5943CBC0A85 for ; Fri, 19 Aug 2016 23:54:18 +0000 (UTC) (envelope-from brandon.wandersee@gmail.com) Received: from mail-io0-f182.google.com (mail-io0-f182.google.com [209.85.223.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 317DA119A for ; Fri, 19 Aug 2016 23:54:17 +0000 (UTC) (envelope-from brandon.wandersee@gmail.com) Received: by mail-io0-f182.google.com with SMTP id q83so63161847iod.1 for ; Fri, 19 Aug 2016 16:54:17 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:references:user-agent:from:to:cc:subject :in-reply-to:date:message-id:mime-version; bh=sr3mRN9/tdbGS805JJX/IkNQxKl4IM8GnLzR7gL8c2s=; b=jQWD8sAQLG+AVYRrgcBW9DC6oRz3RLSWk55cLQqbqTGOnl87qLunWQfow4gmOtvyiS CRReSFSZRTy+nzk+Fl3PONEHTTD+DuIITGFsltws7xPGdY1Q+3rB+OfYjlQzsDAzdmdr pWuvM6T48gs0eCDLFz1spkc5zqUqSLUyQYkWVK+1uDpZN3m/oBUyWZki3L04cXrXjFs/ dlOXiyJqOfGu7WxJ/JHyvn3M1q3Etv9kWdiq3IPsq4MuNQxH6im++hNOvlzOWln0YEFd CEl+pHlis13SJAeIImrP7/vg7UsuRjYz0U4NeyHqxOovsX/TXZ5PJQdTZwnTyd4riwCA 4LrQ== X-Gm-Message-State: AEkooutOUgEM5Edmtb4VqFO0crP0ClTyVSJI61mFrmHN+/AI0eAIBprh/UYegjQKcXhaWQ== X-Received: by 10.107.128.200 with SMTP id k69mr14388070ioi.65.1471650851220; Fri, 19 Aug 2016 16:54:11 -0700 (PDT) Received: from WorkBox.Home.gmail.com (63-231-135-160.mpls.qwest.net. [63.231.135.160]) by smtp.gmail.com with ESMTPSA id q204sm3110677itc.19.2016.08.19.16.54.09 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 19 Aug 2016 16:54:09 -0700 (PDT) References: <1471641079.53058.3.camel@yandex.com> User-agent: mu4e 0.9.16; emacs 24.5.1 From: Brandon J. Wandersee To: Stari Karp Cc: FreeBSD Questions Subject: Re: LibreOffice vulnerabilities In-reply-to: <1471641079.53058.3.camel@yandex.com> Date: Fri, 19 Aug 2016 18:54:11 -0500 Message-ID: <86a8g8mi1o.fsf@WorkBox.Home> MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Aug 2016 23:54:18 -0000 Stari Karp writes: > Hi! > > I have installed and I use LibreOffice Version: 5.0.6.3 > Build ID: FreeBSD ports 5.0.6_2 > Locale: en-US (en_US.UTF-8). > > When I run pkg audit I get: > > libreoffice-5.0.6_2 is vulnerable: > libreoffice -- use-after-free vulnerability > CVE: CVE-2016-4324 > WWW: https://vuxml.FreeBSD.org/freebsd/3159cd70-4aaa-11e6-a7bd-14dae9d2 > 10b8.html > > It is dangerous for using it or is safe, please? > Read the vulnerability report and determine whether it affects you. You're going to see them regularly, so get used to reading them. In this case, unless you open lots of RTF files or Korean documents from strangers you can't trust, you've got nothing to worry about. -- :: Brandon J. Wandersee :: brandon.wandersee@gmail.com :: -------------------------------------------------- :: 'The best design is as little design as possible.' :: --- Dieter Rams ----------------------------------