Apache software is integral to nearly every end user computing device, from laptops to tablets to mobile devices across enterprises and mission-critical applications. The ASF’s all-volunteer community grew from 21 original founders overseeing the Apache HTTP Server to 850+ individual Members and 200 Project Management Committees who successfully lead 350+ Apache projects and initiatives in collaboration with more than 8,100 Committers through the ASF’s meritocratic process known as "The Apache Way".
APACHE OPENOFFICE DRAW CODE
Where: Download Apache OpenOffice v4.1.10 at Ģ4 October 2020 - 300 million downloads of Apache OpenOfficeġ4 October 2020 - 20 year anniversary of OpenOfficeġ8 October 2016 - 200 million downloads of Apache OpenOfficeġ7 April 2014 - 100 million downloads of Apache OpenOfficeġ7 October 2012 - OpenOffice graduated as an Apache Top Level Project (TLP)ġ3 June 2011 - entered the Apache IncubatorĪbout The Apache Software Foundation (ASF)Įstablished in 1999, The Apache Software Foundation is the world’s largest Open Source foundation, stewarding 227M+ lines of code and providing more than $20B+ worth of software to the public at 100% no cost.
During the analysis of this issue, it was discovered that an incorrect bug fix was made by the StarOffice/ developers preparing OpenOffice 2.0 in 2005, whilst under the auspices of Sun Microsystems. When: The vulnerability predates OpenOffice entering the Apache Incubator. Best practice dictates to be careful when opening documents from unknown and unverified sources. Why: The mitigation in Apache OpenOffice 4.1.10 assures that a security warning is displayed to give users the option of continuing to open the hyperlink. How: Applications of the OpenOffice suite handle non-http(s) hyperlinks in an insecure way, allowing for 1-click code execution on Windows and Xubuntu systems via malicious executable files hosted on Internet-accessible file shares. >Credit: Fabian Bräunlein and Lukas Euler of Positive Security CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks
0 kommentar(er)
