17 May 2012, 16:35

Apache details OpenOffice 3.4 security fixes - Update

Apache OpenOffice logo Following the release of Apache OpenOffice 3.4.0 last week, the Apache Software Foundation (ASF) has now detailed the security fixes included in the new version of the open source productivity suite. According to the ASF, the first stable release of OpenOffice under its governance addresses a total of three security vulnerabilities, all of which are rated as "important".

These include an integer overflow error when handling embedded images and a memory overwrite bug when loading WordPerfect files, both of which could allow for the execution of arbitrary code. The third hole is related to unchecked memory allocations in malformed PowerPoint files which the developers say could be used to cause a denial of service (DoS). Attacks on all these flaws would require the user to open a specially crafted file. OpenOffice.org 3.3 and the beta version of 3.4 are affected; earlier versions may also be vulnerable. The Security Team advises all users to upgrade to the final 3.4 release.

Update - The LibreOffice developers fixed both the embedded image integer overflow and PowerPoint denial of service in the release of LibreOffice 3.5.3 at the start of May. According to their advisories page, the WordPerfect issue did not affect LibreOffice.

In a separate announcement, the Apache OpenOffice Project has also published the preliminary download numbers for the 3.4 release. As of Wednesday 16 May, Apache OpenOffice 3.4 had been downloaded more than one million times from over 200 countries – the organisation notes that this figure does not include downloads of language packs, SDKs or source code packages.

Of the downloads, 87% were for Windows and 11% were for Mac OS X. Linux systems accounted for just 2% of the overall downloads, but this could be explained by the fact that a majority of distributions already ship with an office suite out of the box and many users have switched to LibreOffice.

See also: