Bug 58295 - CVE-2012-5639
Summary: CVE-2012-5639
Status: RESOLVED INVALID
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice (show other bugs)
Version:
(earliest affected)
unspecified
Hardware: All All
: medium enhancement
Assignee: Not Assigned
URL: http://seclists.org/oss-sec/2012/q4/453
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-12-14 14:53 UTC by Moritz Mühlenhoff
Modified: 2013-12-02 10:41 UTC (History)
3 users (show)

See Also:
Crash report or crash signature:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Mühlenhoff 2012-12-14 14:53:47 UTC 
FYI: CVE-2012-5639 was assigned on the oss-security mailing list to the lack of a warning when accessing external file references in LibreOffice

Please see http://seclists.org/oss-sec/2012/q4/453 for the discussion.
Comment 1 Joel Madero 2013-11-25 00:00:28 UTC 
Marking this as INVALID - there really isn't a bug report here. We would need what the exact problem is as well as reproducible steps. I quickly reviewed the link you provided - if there is a specific request please put it explicitly on our bug tracker as we don't like having requests on different infra that we just get a link to.

Thanks for your understanding and apologies for the long delay. Also removed "security" as this isn't a bug (it's a feature request) and a feature request isn't a security vulnerability, it's just a request for something additional added.
Comment 2 Stephan Bergmann 2013-12-02 10:41:30 UTC 
See <http://whatofhow.wordpress.com/2013/12/02/stealth-mode/> for a feature that has been implemented starting in LO 4.2 to address rhbz#887420 and CVE-2012-5639.