Security News > 2021 > October > Apache OpenOffice users should upgrade to newest security release!
The Apache Software Foundation has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed RCE vulnerability that could be triggered via a specially crafted document.
Apache OpenOffice is an open-source office productivity suite that includes a word processor, a spreadsheet tool, a presentation editor, a vector graphics drawing editor, a mathematical formula editor, and a database management program.
Apache OpenOffice 4.1.11 also comes with a fix for CVE-2021-40439, a security vulnerability in the third-party XML parser library included in the suite that allowed billion laughs attacks.
For information about other bugs fixed and enhancements/features introduced in Apache OpenOffice 4.1.11, check out the release notes.
"All users of Apache OpenOffice 4.1.10 or earlier are strongly advised to upgrade," the ASF noted.
"Windows 11 users can now also get Apache OpenOffice for selected languages in the Microsoft Store."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/YUfojk94HCY/
Related news
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-07 | CVE-2021-40439 | XXE vulnerability in Apache Openoffice Apache OpenOffice has a dependency on expat software. | 6.5 |
2021-09-23 | CVE-2021-33035 | Classic Buffer Overflow vulnerability in Apache Openoffice Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. | 7.8 |