openoffice-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <>
Subject [VOTE] Release apache-openoffice-4.1.2-patch1 Source
Date Wed, 03 Aug 2016 02:48:12 GMT
[BCC to PMC]

The Apache OpenOffice 4.1.2-patch1 source code mitigates the security vulnerability described
in the CVE-2016-1513 advisory <>.

The patch has been applied in the building of modified Apache 4.1.2 binaries.  The modified
binaries have been successfully used as the source of single modified shared-library files
that can be copied into existing Apache 4.1.2 programs in order to eliminate the vulnerability.

This ballot is for release of the source code on which replacement or patched Apache 4.1.2
binaries can be based.  The candidate source-code release for patch1 is the archive located at
There are accompanying hash files (.md5 and .sha256) and a digital signature file (.asc) for
the source-code archive.

Please vote by reply to this dev@-list thread on the approval of the candidate for release.

 [  ] +1 Approve, with description
 [  ]  0 Abstain
 [  ] -1 Disapprove, with explanation

For +1 Approve votes, please describe the results of verifying the patch materials and success
in building a 4.1.2 binary having the patch applied to a particular 4.1.2 binary build.  

Please do not do anything but [VOTE] (with any +1 descriptions and -1 explanations) on this

To discuss this vote or the process, please use a [DISCUSS][VOTE] reply rather than discussing
on the [VOTE] thread.

The [VOTE] will conclude no sooner than Monday, 2016-08-08T15:00Z.

 - Dennis E. Hamilton
   For the Apache OpenOffice Project Management Committee

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message