openoffice-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From git-site-r...@apache.org
Subject [openoffice-org] branch asf-staging updated: git-site-role commit from build_staging.sh
Date Sat, 15 May 2021 16:10:31 GMT
This is an automated email from the ASF dual-hosted git repository.

git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/openoffice-org.git


The following commit(s) were added to refs/heads/asf-staging by this push:
     new cbe12a2  git-site-role commit from build_staging.sh
cbe12a2 is described below

commit cbe12a2a5b6890b223d7eab10485ed418393c05c
Author: jenkins <builds@apache.org>
AuthorDate: Sat May 15 16:10:28 2021 +0000

    git-site-role commit from build_staging.sh
---
 content/feed.xml                         |   4 +-
 content/security/CVE-2006-2198.html      |  71 -------
 content/security/CVE-2006-2199.html      |  84 --------
 content/security/CVE-2006-3117.html      |  78 -------
 content/security/alerts.html             |  43 ++--
 content/security/bulletin-20060629.html  |  43 ----
 content/security/bulletin.html           | 349 +++++++++++++++----------------
 content/security/cves/CVE-YYYY-XXXX.html | 132 +++++++-----
 content/security/faq.html                | 276 +++++++++++++-----------
 content/security/index.html              | 104 +++++----
 10 files changed, 489 insertions(+), 695 deletions(-)

diff --git a/content/feed.xml b/content/feed.xml
index 8117afd..2f95c2d 100644
--- a/content/feed.xml
+++ b/content/feed.xml
@@ -6,8 +6,8 @@
     <atom:link href="http://localhost:8820/feed.xml" rel="self" type="application/rss+xml" />
     <description>OpenOffice.org Feed</description>
     <language>en-us</language>
-    <pubDate>Sat, 15 May 2021 14:09:11 +0000</pubDate>
-    <lastBuildDate>Sat, 15 May 2021 14:09:11 +0000</lastBuildDate>
+    <pubDate>Sat, 15 May 2021 16:09:13 +0000</pubDate>
+    <lastBuildDate>Sat, 15 May 2021 16:09:13 +0000</lastBuildDate>
     
 
   </channel> 
diff --git a/content/security/CVE-2006-2198.html b/content/security/CVE-2006-2198.html
deleted file mode 100644
index e4d11d4..0000000
--- a/content/security/CVE-2006-2198.html
+++ /dev/null
@@ -1,71 +0,0 @@
-
-<!--#include virtual="/doctype.html" -->
-<html>
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-    
-    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
-    
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<title>CVE-2006-2198</title>
-  <style type="text/css">
-/*<![CDATA[*/
-    hr { display: block }
-  /*]]>*/
-  </style>
-
-    
-    <script src="https://www.apachecon.com/event-images/snippet.js"></script>
-  </head>
-  <body>
-    <!--#include virtual="/brand.html" -->
-    <div id="topbara">
-      <!--#include virtual="/topnav.html" -->
-      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a href="/security/">security</a></div>
-    </div>
-    <div id="clear"></div>
-      
-      
-    <div id="content">
-      
-      
-<h2>Macro, CVE-2006-2198</h2>
-<h3>Macro Vulnerability</h3>
-<ul>
-  <li> <strong>Synopsis: </strong>Security Vulnerability With Macros in OpenOffice.org
-  <li> <strong>Issue ID: </strong>66863
-  <li> <strong>State: </strong>Resolved
-</ul>
-<h4>1. Impact</h4>
-<p>A security vulnerability in OpenOffice.org may make it possible to inject basic code into documents which is executed upon loading of the document. The user will not be asked or notified and the macro will have full access to system resources with current user's privileges. As a result, the macro may delete/replace files, read/send private data and/or cause additional security issues.</p>
-<p><b>Note:</b> Disabling document macros will not prevent this issue.</p>
-<p>
-This issue is also described in<br>
-CVE-2006-2198, <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-2198">http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-2198</a>,
-<br>
-Sun Alert 102490,
-<a href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1">
-http://sunsolve.sun.com/search/document.do?assetkey=1-26-102490-1</a>
-</p>
-<h4>2. Contributing Factors</h4>
-<p>This issue can occur in the following releases:</p>
-<p><strong>OpenOffice.org 1.1.x,</strong> <strong>OpenOffice.org 2.0.x</strong></p>
-<h4>3. Symptoms</h4>
-<p>There are no predictable symptoms that would indicate the described issue has been exploited.</p>
-<h4>4. Relief/Workaround</h4>
-<p>There is no workaround. Please see the &quot;Resolution&quot; section below.</p>
-<h4>5. Resolution</h4>
-<p>This issue is addressed in the following releases:</p>
-<p><strong>OpenOffice.org 1.1.5 Patch, OpenOffice.org 2.0.3</strong></p>
-    <hr />
-    <p>
-      <a href="//security/">Security Home</a> -> 
-        <a href="//security/bulletin.html">Bulletin</a> ->
-        <a href="//security/cves/CVE-2006-2198.html">CVE-2006-2198</a>
-    </p>
-
-      
-    </div>
-    <!--#include virtual="/footer.html" -->
-  </body>
-</html>
diff --git a/content/security/CVE-2006-2199.html b/content/security/CVE-2006-2199.html
deleted file mode 100644
index 6be4cf7..0000000
--- a/content/security/CVE-2006-2199.html
+++ /dev/null
@@ -1,84 +0,0 @@
-
-<!--#include virtual="/doctype.html" -->
-<html>
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-    
-    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
-    
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<title>CVE-2006-2199</title>
-  <style type="text/css">
-/*<![CDATA[*/
-    hr { display: block }
-  /*]]>*/
-  </style>
-
-
-    
-    <script src="https://www.apachecon.com/event-images/snippet.js"></script>
-  </head>
-  <body>
-    <!--#include virtual="/brand.html" -->
-    <div id="topbara">
-      <!--#include virtual="/topnav.html" -->
-      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a href="/security/">security</a></div>
-    </div>
-    <div id="clear"></div>
-      
-      
-    <div id="content">
-      
-      
-<h2>Java Applets, CVE-2006-2199</h2>
-<h3>Java Applets </h3>
-<ul><li><strong>Synopsis:</strong> Security Vulnerability With Java Applets in OpenOffice.org </li>
-    <li> <strong>Issue ID:</strong> 66862</li>
-    <li> <strong>State:</strong> Resolved</li>
-</ul>
-<h4><strong>1. Impact</strong></h4>
-<p>A security vulnerability related to OpenOffice.org documents may allow certain Java applets to break through the &quot;sandbox&quot; and therefore have full access to system resources with current user privileges. The offending Applets may be constructed to destroy/replace files, read or send private data, and/or cause additional security issues.</p>
-<p>This issue is also described in
-<br>
-CVE-2006-2199,
-<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-2199">http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-2199</a>,
-<br>Sun Alert 102475
-<a href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1">
-http://sunsolve.sun.com/search/document.do?assetkey=1-26-102475-1</a>
-</p>
-<h4><strong>2. Contributing Factors</strong></h4>
-<p>This issue can occur in the following releases:</p>
-<p><strong>OpenOffice.org 1.1.x, OpenOffice.org 2.0.x</strong></p>
-<h4><strong>3. Symptoms</strong></h4>
-<p>There are no predictable symptoms that would indicate the described issue has been exploited.</p>
-<h4><strong>4. Relief/Workaround</strong></h4>
-<p>To work around the described issue, disable support for Java Applets (for OpenOffice.org) by doing the following:</p>
-<p><strong>OpenOffice.org 1.x :</strong></p>
-<p>In options dialog: Select --&gt; Tools/Options/OpenOffice.org/Security --&gt; uncheck &quot;Enable Applets&quot;</p>
-<p><strong>OpenOffice.org 2.x </strong></p>
-<p>There is no longer a User Interface (UI) for configuring this option in OpenOffice.org 2.0; the change must be done in configuration files with a text editor. Add the following into your OpenOffice.org settings (typically) for this file <code>&quot;~/.openoffice2.0/user/registry/data/org/openoffice/Office/Common.xcu&quot;:</code></p>
-<p><code>&lt;node oor:name=&quot;Java&quot;&gt;<br>
-&lt;node oor:name=&quot;Applet&quot;&gt;<br>
-&lt;prop oor:name=&quot;Enable&quot; oor:type=&quot;xs:boolean&quot;&gt;<br>
-&lt;value&gt;false&lt;/value&gt;<br>
-&lt;/prop&gt;<br>
-&lt;/node&gt;<br>
-&lt;/node&gt;</code></p>
-<h4>5. Resolution</h4>
-<p>This issue is addressed in the following releases:</p>
-<p><strong>OpenOffice.org 1.1.5 Patch, OpenOffice.org 2.0.3</strong></p>
-<p><strong>Notes:</strong></p>
-<p>With the updated versions for OpenOffice.org, support for Java applets in OpenOffice.org will be disabled.</p>
-<p>&nbsp;</p>
-    <hr />
-    <p>
-      <a href="//security/">Security Home</a> -> 
-        <a href="//security/bulletin.html">Bulletin</a> ->
-        <a href="//security/cves/CVE-2006-2199.html">CVE-2006-2199</a>
-    </p>
-
-      
-    </div>
-    <!--#include virtual="/footer.html" -->
-  </body>
-</html>
diff --git a/content/security/CVE-2006-3117.html b/content/security/CVE-2006-3117.html
deleted file mode 100644
index 4faffe6..0000000
--- a/content/security/CVE-2006-3117.html
+++ /dev/null
@@ -1,78 +0,0 @@
-
-<!--#include virtual="/doctype.html" -->
-<html>
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-    
-    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
-    
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<title>CVE-2006-3117</title>
-  <style type="text/css">
-/*<![CDATA[*/
-    hr { display: block }
-  /*]]>*/
-  </style>
-
-
-    
-    <script src="https://www.apachecon.com/event-images/snippet.js"></script>
-  </head>
-  <body>
-    <!--#include virtual="/brand.html" -->
-    <div id="topbara">
-      <!--#include virtual="/topnav.html" -->
-      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a href="/security/">security</a></div>
-    </div>
-    <div id="clear"></div>
-      
-      
-    <div id="content">
-      
-      
-<h2>File Format, CVE-2006-3117</h2>
-<h3>File Format</h3>
-<ul>
-  <li><strong>Synopsis</strong>: File Format / Buffer Overflow Vulnerability: Loading malformed XML documents can cause buffer overflows and crash OpenOffice.org.</li>
-  <li><strong>Issue ID:</strong> 66866</li>
-  <li><strong>State:</strong> Resolved</li>
-</ul>
-<h4> 1. Impact: </h4>
-<p> The buffer overflow allows for a value to be written to an arbitrary location in memory. This may lead to command execution in the context of the current user. </p>
-<p> This issue is also described in
-<br>
- CVE-2006-3117 at: <a HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3117">http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3117</a>,
-<br>NGSSoftware Advisory, 
-<a href="http://www.ngssoftware.com/advisories/openoffice.txt">
-http://www.ngssoftware.com/advisories/openoffice.txt</a>
-<br>
-Sun Alert 102501,
-<a href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1">
-http://sunsolve.sun.com/search/document.do?assetkey=1-26-102501-1
-</a>
-</p>
-<h4> 2. Contributing Factors: </h4>
-<p> This issue can occur in the following releases:<strong> OpenOffice.org 1.1.x</strong> and <strong>OpenOffice.org 2.0.x</strong> </p>
-<h4> 3. Symptoms: </h4>
-<p> OpenOffice.org can crash due to internal buffer overflows when loading a malformed document. </p>
-<h4> 4. Relief/Workaround:</h4>
-<p> None.</p>
-<h4> 5. Resolution: </h4>
-<p><strong>OpenOffice.org 1.1.5 Patch, OpenOffice.org 2.0.3</strong></p>
-<h4> 6. Credits: </h4>
-<p>
-Wade Alcorn of NGSSoftware discovered the vulnerability and aided in the explanation/fix.
-</P>
-<p>&nbsp;</p>
-    <hr />
-    <p>
-      <a href="//security/">Security Home</a> -> 
-        <a href="//security/bulletin.html">Bulletin</a> ->
-        <a href="//security/cves/CVE-2006-3117.html">CVE-2006-3117</a>
-    </p>
-
-      
-    </div>
-    <!--#include virtual="/footer.html" -->
-  </body>
-</html>
diff --git a/content/security/alerts.html b/content/security/alerts.html
index c5ba82e..735b5f5 100644
--- a/content/security/alerts.html
+++ b/content/security/alerts.html
@@ -7,11 +7,10 @@
     <link href="/css/ooo.css" rel="stylesheet" type="text/css">
     
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-
   <title>Apache OpenOffice Security Alerts</title>
-  <style type="text/css">
-/*<![CDATA[*/
-    hr { display: block }
+  <style>
+  /*<![CDATA[*/
+  hr { display: block }
   /*]]>*/
   </style>
 
@@ -30,29 +29,35 @@
     <div id="content">
       
       
+
   <h2>Apache OpenOffice Security Alerts</h2>
 
-  <p>The Apache OpenOffice Security Team publishes details of security
-  vulnerabilities in our <a href="https://www.openoffice.org/security/bulletin.html">Security
-  Bulletin</a>.</p>
+  <p>
+    The Apache OpenOffice Security Team publishes details of security vulnerabilities in our
+    <a href="https://www.openoffice.org/security/bulletin.html">Security Bulletin</a>.
+  </p>
 
-  <p>We also publish these alerts via the project's announcement list, <em>announce</em>.</p>
+  <p>
+    We also publish these alerts via the project's announcement list, <em>announce</em>.
+  </p>
 
-  <p>If you would like to subscribe to the list, please send a blank email to
-  <a href=
-  "mailto:announce-subscribe@openoffice.apache.org">announce-subscribe@openoffice.apache.org</a>.
-  You will be sent an email from instructions how to confirm your
-  subscription. Once you have confirmed your subscription, you will receive
-  any future emails from announce until you
-  unsubscribe.</p>
+  <p>
+    If you would like to subscribe to the list, please send a blank email to
+    <a href="mailto:announce-subscribe@openoffice.apache.org">announce-subscribe@openoffice.apache.org</a>.
+    You will be sent an email from instructions how to confirm your subscription. Once you
+    have confirmed your subscription, you will receive any future emails from announce until
+    you unsubscribe.
+  </p>
 
-  <p>Please note that the mailing list is fully automated, so if you use
-  spam-filtering software, please make sure it will accept emails from
-  <em>announce@openoffice.apache.org</em> <u>before</u> you try and
-  subscribe.</p>
+  <p>
+    Please note that the mailing list is fully automated, so if you use spam-filtering
+    software, please make sure it will accept emails from
+    <em>announce@openoffice.apache.org</em> <u>before</u> you try and subscribe.
+  </p>
 
   <a href="https://openoffice.apache.org/security.html">Security Reports</a>
 
+
       
     </div>
     <!--#include virtual="/footer.html" -->
diff --git a/content/security/bulletin-20060629.html b/content/security/bulletin-20060629.html
deleted file mode 100644
index c853baf..0000000
--- a/content/security/bulletin-20060629.html
+++ /dev/null
@@ -1,43 +0,0 @@
-
-<!--#include virtual="/doctype.html" -->
-<html>
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-    
-    <link href="/css/ooo.css" rel="stylesheet" type="text/css">
-    
- <title>
-         Security Bulletin 2006-06-29
-    </title>
-
-
-    
-    <script src="https://www.apachecon.com/event-images/snippet.js"></script>
-  </head>
-  <body>
-    <!--#include virtual="/brand.html" -->
-    <div id="topbara">
-      <!--#include virtual="/topnav.html" -->
-      <div id="breadcrumbsa"><a href="/">home</a>&nbsp;&raquo;&nbsp;<a href="/security/">security</a></div>
-    </div>
-    <div id="clear"></div>
-      
-      
-    <div id="content">
-      
-      
-
-<h2>Security Bulletin 2006-06-29</h2>
-<p>OpenOffice.org 2.0.3 fixes three security vulnerabilites that have been found through internal security audits. Although there are currently no known exploits, we urge all users of 2.0.x prior to 2.0.2 to upgrade to the new version or install their vendor's patches accordingly. Patches for users of OpenOffice.org 1.1.5 will be available shortly.</p>
-<p>The three vulnerabilities involve:</p>
-<ul>
-  <li><a href="CVE-2006-2199.html"> Java Applets, CVE-2006-2199</a></li>
-  <li><a href="CVE-2006-2198.html">Macro, CVE-2006-2198</a>; and</li>
-  <li><a href="CVE-2006-3117.html">File Format, CVE-2006-3117</a></li>
-</ul>
-
-      
-    </div>
-    <!--#include virtual="/footer.html" -->
-  </body>
-</html>
diff --git a/content/security/bulletin.html b/content/security/bulletin.html
index 72f9058..6258024 100644
--- a/content/security/bulletin.html
+++ b/content/security/bulletin.html
@@ -6,15 +6,14 @@
     
     <link href="/css/ooo.css" rel="stylesheet" type="text/css">
     
-  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <title>Apache OpenOffice Security Team Bulletin</title>
-  <style type="text/css">
+  <style>
   /*<![CDATA[*/
-    hr { display: block }
+  hr { display: block }
   /*]]>*/
   </style>
 
-
     
     <script src="https://www.apachecon.com/event-images/snippet.js"></script>
   </head>
@@ -31,242 +30,238 @@
       
       
 
-<!-- This page needs further adjustment to avoid style conflicts with
-     the HTML5 wrappers that it is embedded under.
--->
-
-<h2>Apache OpenOffice Security Team Bulletin</h2>
+  <h2>Apache OpenOffice Security Team Bulletin</h2>
 
-<p>
-  <strong>
-    If you want to stay up to date on Apache OpenOffice security announcements, please subscribe to our <a href="alerts.html">security-alerts mailing list</a>.
-  </strong>
-</p>
+  <p>
+    <strong>If you want to stay up to date on Apache OpenOffice security announcements, please
+    subscribe to our <a href="alerts.html">security-alerts mailing list</a>.</strong>
+  </p>
 
-<h3>Fixed in Apache OpenOffice 4.1.10</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.10</h3>
 
-<ul>
-  <li><a href="cves/CVE-2021-30245.html">CVE-2021-30245</a>: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks </li>
-</ul> 
+  <ul>
+   <li><a href="cves/CVE-2021-30245.html">CVE-2021-30245</a>: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks</li>
+  </ul> 
 
-<h3>Fixed in Apache OpenOffice 4.1.8</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.8</h3>
 
-<ul>
-  <li><a href="cves/CVE-2020-13958.html">CVE-2020-13958</a>: Unrestricted actions leads to arbitrary code execution in crafted documents </li>
-</ul> 
+  <ul>
+    <li><a href="cves/CVE-2020-13958.html">CVE-2020-13958</a>: Unrestricted actions leads to arbitrary code execution in crafted documents</li>
+  </ul> 
 
-<h3>Fixed in Apache OpenOffice 4.1.7</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.7</h3>
 
-<ul>
-  <li><a href="cves/CVE-2019-9853.html">CVE-2019-9853</a>: Insufficient URL decoding flaw in categorizing macro location </li>
-</ul> 
+  <ul>
+    <li><a href="cves/CVE-2019-9853.html">CVE-2019-9853</a>: Insufficient URL decoding flaw in categorizing macro location</li>
+  </ul> 
 
-<h3>Fixed in Apache OpenOffice 4.1.6</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.6</h3>
 
-<ul>
-  <li><a href="cves/CVE-2018-11790.html">CVE-2018-11790</a>: Arithmetic overflow and wrap around during string length calculation </li>
-</ul> 
+  <ul>
+    <li><a href="cves/CVE-2018-11790.html">CVE-2018-11790</a>: Arithmetic overflow and wrap around during string length calculation </li>
+  </ul> 
 
-<h3>Fixed in Apache OpenOffice 4.1.5</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.5</h3>
 
-<ul>
-  <li>No security vulnerabilities fixed in this release</li>
-</ul>
+  <ul>
+    <li>No security vulnerabilities fixed in this release</li>
+  </ul>
 
-<h3>Fixed in Apache OpenOffice 4.1.4</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.4</h3>
 
-<ul>
-  <li><a href="cves/CVE-2017-3157.html">CVE-2017-3157</a>:  Arbitrary file disclosure in Calc and Writer</li>
-  <li><a href="cves/CVE-2017-9806.html">CVE-2017-9806</a>:  Out-of-Bounds Write in Writer's WW8Fonts Constructor</li>
-  <li><a href="cves/CVE-2017-12607.html">CVE-2017-12607</a>:  Out-of-Bounds Write in Impress' PPT Filter</li>
-  <li><a href="cves/CVE-2017-12608.html">CVE-2017-12608</a>:  Out-of-Bounds Write in Writer's ImportOldFormatStyles</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2017-3157.html">CVE-2017-3157</a>:  Arbitrary file disclosure in Calc and Writer</li>
+    <li><a href="cves/CVE-2017-9806.html">CVE-2017-9806</a>:  Out-of-Bounds Write in Writer's WW8Fonts Constructor</li>
+    <li><a href="cves/CVE-2017-12607.html">CVE-2017-12607</a>:  Out-of-Bounds Write in Impress' PPT Filter</li>
+    <li><a href="cves/CVE-2017-12608.html">CVE-2017-12608</a>:  Out-of-Bounds Write in Writer's ImportOldFormatStyles</li>
+  </ul>
 
-<h3>Fixed in Apache OpenOffice 4.1.3</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.3</h3>
 
-<ul>
-  <li><a href="cves/CVE-2016-1513.html">CVE-2016-1513</a>: Memory Corruption Vulnerability (Impress Presentations)</li>
-  <li><a href="cves/CVE-2016-6803.html">CVE-2016-6803</a>: Windows Installer Can Enable Privileged Trojan Execution</li>
-  <li><a href="cves/CVE-2016-6804.html">CVE-2016-6804</a>: Windows Installer Execution of Arbitrary Code with Elevated Privileges</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2016-1513.html">CVE-2016-1513</a>: Memory Corruption Vulnerability (Impress Presentations)</li>
+    <li><a href="cves/CVE-2016-6803.html">CVE-2016-6803</a>: Windows Installer Can Enable Privileged Trojan Execution</li>
+    <li><a href="cves/CVE-2016-6804.html">CVE-2016-6804</a>: Windows Installer Execution of Arbitrary Code with Elevated Privileges</li>
+  </ul>
 
-<h3>Fixed in Apache OpenOffice 4.1.2</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.2</h3>
 
-<ul>
-  <li><a href="cves/CVE-2015-1774.html">CVE-2015-1774</a>: Out-of-Bounds Write in HWP File Filter</li>
-  <li><a href="cves/CVE-2015-4551.html">CVE-2015-4551</a>: Targeted Data Disclosure</li>
-  <li><a href="cves/CVE-2015-5212.html">CVE-2015-5212</a>: ODF Printer Settings Vulnerability</li>
-  <li><a href="cves/CVE-2015-5213.html">CVE-2015-5213</a>: .DOC Document Vulnerability</li>
-  <li><a href="cves/CVE-2015-5214.html">CVE-2015-5214</a>: .DOC Bookmarks Vulnerability</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2015-1774.html">CVE-2015-1774</a>: Out-of-Bounds Write in HWP File Filter</li>
+    <li><a href="cves/CVE-2015-4551.html">CVE-2015-4551</a>: Targeted Data Disclosure</li>
+    <li><a href="cves/CVE-2015-5212.html">CVE-2015-5212</a>: ODF Printer Settings Vulnerability</li>
+    <li><a href="cves/CVE-2015-5213.html">CVE-2015-5213</a>: .DOC Document Vulnerability</li>
+    <li><a href="cves/CVE-2015-5214.html">CVE-2015-5214</a>: .DOC Bookmarks Vulnerability</li>
+  </ul>
 
-<h3>Fixed in Apache OpenOffice 4.1.1</h3>
+  <h3>Fixed in Apache OpenOffice 4.1.1</h3>
 
-<ul>
-  <li><a href="cves/CVE-2014-3575.html">CVE-2014-3575</a>: Targeted Data Exposure Using Crafted OLE Objects in Apache OpenOffice</li>
-  <li><a href="cves/CVE-2014-3524.html">CVE-2014-3524</a>: Calc Command Injection Vulnerability in Apache OpenOffice</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2014-3575.html">CVE-2014-3575</a>: Targeted Data Exposure Using Crafted OLE Objects in Apache OpenOffice</li>
+    <li><a href="cves/CVE-2014-3524.html">CVE-2014-3524</a>: Calc Command Injection Vulnerability in Apache OpenOffice</li>
+  </ul>
 
-<h3>Fixed in Apache OpenOffice 4.0.0</h3>
+  <h3>Fixed in Apache OpenOffice 4.0.0</h3>
 
-<ul>
-  <li><a href="cves/CVE-2013-2189.html">CVE-2013-2189</a>: DOC Memory Corruption Vulnerability in Apache OpenOffice</li>
-  <li><a href="cves/CVE-2013-4156.html">CVE-2013-4156</a>: DOCM Memory Corruption Vulnerability in Apache OpenOffice</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2013-2189.html">CVE-2013-2189</a>: DOC Memory Corruption Vulnerability in Apache OpenOffice</li>
+    <li><a href="cves/CVE-2013-4156.html">CVE-2013-4156</a>: DOCM Memory Corruption Vulnerability in Apache OpenOffice</li>
+  </ul>
 
-<h3>Fixed in Apache OpenOffice 3.4.1</h3>
+  <h3>Fixed in Apache OpenOffice 3.4.1</h3>
 
-<ul>
-  <li><a href="cves/CVE-2012-2665.html">CVE-2012-2665</a>: Manifest-processing errors in Apache OpenOffice 3.4.0</li>
-  <li><a href="cves/CVE-2013-1571.html">CVE-2013-1571</a>: Frame Injection Vulnerability in SDK JavaDoc</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2012-2665.html">CVE-2012-2665</a>: Manifest-processing errors in Apache OpenOffice 3.4.0</li>
+    <li><a href="cves/CVE-2013-1571.html">CVE-2013-1571</a>: Frame Injection Vulnerability in SDK JavaDoc</li>
+  </ul>
 
-<h3>Fixed in Apache OpenOffice 3.4.0</h3>
+  <h3>Fixed in Apache OpenOffice 3.4.0</h3>
 
-<ul>
-  <li><a href="cves/CVE-2012-1149.html">CVE-2012-1149</a>: OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object</li>
-  <li><a href="cves/CVE-2012-2149.html">CVE-2012-2149</a>: OpenOffice.org memory overwrite vulnerability</li>
-  <li><a href="cves/CVE-2012-2334.html">CVE-2012-2334</a>: Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2012-1149.html">CVE-2012-1149</a>: OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object</li>
+    <li><a href="cves/CVE-2012-2149.html">CVE-2012-2149</a>: OpenOffice.org memory overwrite vulnerability</li>
+    <li><a href="cves/CVE-2012-2334.html">CVE-2012-2334</a>: Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0</li>
+  </ul>
 
-<h3>Patches for OpenOffice.org 3.3</h3>
+  <h3>Patches for OpenOffice.org 3.3</h3>
 
-<ul>
-  <li><a href="cves/CVE-2012-0037.html">CVE-2012-0037</a>: OpenOffice.org data leakage vulnerability</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2012-0037.html">CVE-2012-0037</a>: OpenOffice.org data leakage vulnerability</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 3.3</h3>
+  <h3>Fixed in OpenOffice.org 3.3</h3>
 
-<ul>
-  <li><a href="cves/CVE-2010-2935_CVE-2010-2936.html">CVE-2010-2935 / CVE-2010-2936</a>: Security Vulnerability in OpenOffice.org related to PowerPoint document processing</li>
-  <li><a href="cves/CVE-2010-3450.html">CVE-2010-3450</a>: Security Vulnerability in OpenOffice.org related to Extensions and filter package files</li>
-  <li><a href="cves/CVE-2010-3451_CVE-2010-3452.html">CVE-2010-3451 / CVE-2010-3452</a>: Security Vulnerability in OpenOffice.org related to RTF document processing </li>
-  <li><a href="cves/CVE-2010-3453_CVE-2010-3454.html">CVE-2010-3453 / CVE-2010-3454</a>: Security Vulnerability in OpenOffice.org related to Word document processing  </li>
-  <li><a href="cves/CVE-2010-3689.html">CVE-2010-3689</a>: Insecure LD_LIBRARY_PATH usage in OpenOffice.org shell scripts </li>
-  <li><a href="cves/CVE-2010-3702_CVE-2010-3704.html">CVE-2010-3702 / CVE-2010-3704</a>: Security Vulnerability in OpenOffice.org's PDF Import extension resulting from 3rd party library XPDF</li>
-  <li><a href="cves/CVE-2010-4008_CVE-2010-4494.html">CVE-2010-4008 / CVE-2010-4494</a>: Possible Security Vulnerability in OpenOffice.org resulting from 3rd party library LIBXML2 </li>
-  <li><a href="cves/CVE-2010-4253.html">CVE-2010-4253</a>: Security Vulnerability in OpenOffice.org related to PNG file processing </li>
-  <li><a href="cves/CVE-2010-4643.html">CVE-2010-4643</a>: Security Vulnerability in OpenOffice.org related to TGA file processing  </li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2010-2935_CVE-2010-2936.html">CVE-2010-2935 / CVE-2010-2936</a>: Security Vulnerability in OpenOffice.org related to PowerPoint document processing</li>
+    <li><a href="cves/CVE-2010-3450.html">CVE-2010-3450</a>: Security Vulnerability in OpenOffice.org related to Extensions and filter package files</li>
+    <li><a href="cves/CVE-2010-3451_CVE-2010-3452.html">CVE-2010-3451 / CVE-2010-3452</a>: Security Vulnerability in OpenOffice.org related to RTF document processing </li>
+    <li><a href="cves/CVE-2010-3453_CVE-2010-3454.html">CVE-2010-3453 / CVE-2010-3454</a>: Security Vulnerability in OpenOffice.org related to Word document processing  </li>
+    <li><a href="cves/CVE-2010-3689.html">CVE-2010-3689</a>: Insecure LD_LIBRARY_PATH usage in OpenOffice.org shell scripts </li>
+    <li><a href="cves/CVE-2010-3702_CVE-2010-3704.html">CVE-2010-3702 / CVE-2010-3704</a>: Security Vulnerability in OpenOffice.org's PDF Import extension resulting from 3rd party library XPDF</li>
+    <li><a href="cves/CVE-2010-4008_CVE-2010-4494.html">CVE-2010-4008 / CVE-2010-4494</a>: Possible Security Vulnerability in OpenOffice.org resulting from 3rd party library LIBXML2 </li>
+    <li><a href="cves/CVE-2010-4253.html">CVE-2010-4253</a>: Security Vulnerability in OpenOffice.org related to PNG file processing </li>
+    <li><a href="cves/CVE-2010-4643.html">CVE-2010-4643</a>: Security Vulnerability in OpenOffice.org related to TGA file processing  </li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 3.2.1</h3>
+  <h3>Fixed in OpenOffice.org 3.2.1</h3>
 
-<ul>
-  <li><a href="cves/CVE-2009-3555.html">CVE-2009-3555</a>: OpenOffice.org 2 and 3 may be affected by the TLS/SSL Renegotiation Issue in 3rd Party Libraries</li>
-  <li><a href="cves/CVE-2010-0395.html">CVE-2010-0395</a>: Security vulnerability in OpenOffice.org related to python scripting</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2009-3555.html">CVE-2009-3555</a>: OpenOffice.org 2 and 3 may be affected by the TLS/SSL Renegotiation Issue in 3rd Party Libraries</li>
+    <li><a href="cves/CVE-2010-0395.html">CVE-2010-0395</a>: Security vulnerability in OpenOffice.org related to python scripting</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 3.2</h3>
+  <h3>Fixed in OpenOffice.org 3.2</h3>
 
-<ul>
-  <li><a href="cves/CVE-2006-4339.html">CVE-2006-4339</a>: Potential vulnerability from 3rd party libxml2 libraries</li>
-  <li><a href="cves/CVE-2009-0217.html">CVE-2009-0217</a>: Potential vulnerability from 3rd party libxmlsec libraries</li>
-  <li><a href="cves/CVE-2009-2493.html">CVE-2009-2493</a>: OpenOffice.org 3 for Windows bundles a vulnerable version of MSVC Runtime</li>
-  <li><a href="cves/CVE-2009-2949.html">CVE-2009-2949</a>: Potential vulnerability related to XPM file processing</li>
-  <li><a href="cves/CVE-2009-2950.html">CVE-2009-2950</a>: Potential vulnerability related to GIF file processing</li>
-  <li><a href="cves/CVE-2009-3301-3302.html">CVE-2009-3301/2</a>: Potential vulnerability related to MS-Word document processing</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2006-4339.html">CVE-2006-4339</a>: Potential vulnerability from 3rd party libxml2 libraries</li>
+    <li><a href="cves/CVE-2009-0217.html">CVE-2009-0217</a>: Potential vulnerability from 3rd party libxmlsec libraries</li>
+    <li><a href="cves/CVE-2009-2493.html">CVE-2009-2493</a>: OpenOffice.org 3 for Windows bundles a vulnerable version of MSVC Runtime</li>
+    <li><a href="cves/CVE-2009-2949.html">CVE-2009-2949</a>: Potential vulnerability related to XPM file processing</li>
+    <li><a href="cves/CVE-2009-2950.html">CVE-2009-2950</a>: Potential vulnerability related to GIF file processing</li>
+    <li><a href="cves/CVE-2009-3301-3302.html">CVE-2009-3301/2</a>: Potential vulnerability related to MS-Word document processing</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 3.1.1</h3>
+  <h3>Fixed in OpenOffice.org 3.1.1</h3>
 
-<ul>
-  <li><a href="cves/CVE-2009-0200-0201.html">CVE-2009-0200 / CVE-2009-0201</a>: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution</li>
-  <li><a href="cves/CVE-2009-2414-2416.html">CVE-2009-2414 / CVE-2009-2416</a>: Manipulated XML documents can lead to arbitrary code execution</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2009-0200-0201.html">CVE-2009-0200 / CVE-2009-0201</a>: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution</li>
+    <li><a href="cves/CVE-2009-2414-2416.html">CVE-2009-2414 / CVE-2009-2416</a>: Manipulated XML documents can lead to arbitrary code execution</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 3.1</h3>
+  <h3>Fixed in OpenOffice.org 3.1</h3>
 
-<ul>
-  <li>No security vulnerabilities fixed in this release</li>
-</ul>
+  <ul>
+    <li>No security vulnerabilities fixed in this release</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 3.0.1</h3>
+  <h3>Fixed in OpenOffice.org 3.0.1</h3>
 
-<ul>
-  <li>No security vulnerabilities fixed in this release</li>
-</ul>
+  <ul>
+    <li>No security vulnerabilities fixed in this release</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 3.0</h3>
+  <h3>Fixed in OpenOffice.org 3.0</h3>
 
-<ul>
-  <li>No security vulnerabilities fixed in this release</li>
-</ul>
+  <ul>
+    <li>No security vulnerabilities fixed in this release</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.4.3</h3>
+  <h3>Fixed in OpenOffice.org 2.4.3</h3>
 
-<ul>
-  <li><a href="cves/CVE-2009-0200-0201.html">CVE-2009-0200 / CVE-2009-0201</a>: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution</li>
-  <li><a href="cves/CVE-2009-2414-2416.html">CVE-2009-2414 / CVE-2009-2416</a>: Manipulated XML documents can lead to arbitrary code execution</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2009-0200-0201.html">CVE-2009-0200 / CVE-2009-0201</a>: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution</li>
+    <li><a href="cves/CVE-2009-2414-2416.html">CVE-2009-2414 / CVE-2009-2416</a>: Manipulated XML documents can lead to arbitrary code execution</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.4.2</h3>
+  <h3>Fixed in OpenOffice.org 2.4.2</h3>
 
-<ul>
-  <li><a href="cves/CVE-2008-2237.html">CVE-2008-2237</a>: Manipulated WMF files can lead to heap overflows and arbitrary code execution</li>
-  <li><a href="cves/CVE-2008-2238.html">CVE-2008-2238</a>: Manipulated EMF files can lead to heap overflows and arbitrary code execution</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2008-2237.html">CVE-2008-2237</a>: Manipulated WMF files can lead to heap overflows and arbitrary code execution</li>
+    <li><a href="cves/CVE-2008-2238.html">CVE-2008-2238</a>: Manipulated EMF files can lead to heap overflows and arbitrary code execution</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.4.1</h3>
+  <h3>Fixed in OpenOffice.org 2.4.1</h3>
 
-<ul>
-  <li><a href="cves/CVE-2008-2152.html">CVE-2008-2152</a>: Different kinds of manipulated files may lead to heap overflows and arbitrary code execution</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2008-2152.html">CVE-2008-2152</a>: Different kinds of manipulated files may lead to heap overflows and arbitrary code execution</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.4</h3>
+  <h3>Fixed in OpenOffice.org 2.4</h3>
 
-<ul>
-  <li><a href="cves/CVE-2007-4770.html">CVE-2007-4770/4771</a>: Manipulated ODF text documents containing XForms can lead to heap overflows and arbitrary code execution</li>
-  <li><a href="cves/CVE-2007-5745.html">CVE-2007-5745/5747</a>: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution</li>
-  <li><a href="cves/CVE-2007-5746.html">CVE-2007-5746</a>: Manipulated EMF files can lead to heap overflows and arbitrary code execution</li>
-  <li><a href="cves/CVE-2008-0320.html">CVE-2008-0320</a>: Manipulated OLE files can lead to heap overflows and arbitrary code execution</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2007-4770.html">CVE-2007-4770/4771</a>: Manipulated ODF text documents containing XForms can lead to heap overflows and arbitrary code execution</li>
+    <li><a href="cves/CVE-2007-5745.html">CVE-2007-5745/5747</a>: Manipulated Quattro Pro files can lead to heap overflows and arbitrary code execution</li>
+    <li><a href="cves/CVE-2007-5746.html">CVE-2007-5746</a>: Manipulated EMF files can lead to heap overflows and arbitrary code execution</li>
+    <li><a href="cves/CVE-2008-0320.html">CVE-2008-0320</a>: Manipulated OLE files can lead to heap overflows and arbitrary code execution</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.3.1</h3>
+  <h3>Fixed in OpenOffice.org 2.3.1</h3>
 
-<ul>
-  <li><a href="cves/CVE-2007-4575.html">CVE-2007-4575</a>: Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2007-4575.html">CVE-2007-4575</a>: Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.3</h3>
+  <h3>Fixed in OpenOffice.org 2.3</h3>
 
-<ul>
-  <li><a href="cves/CVE-2007-2834.html">CVE-2007-2834</a>: Manipulated TIFF files can lead to heap overflows and arbitrary code execution</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2007-2834.html">CVE-2007-2834</a>: Manipulated TIFF files can lead to heap overflows and arbitrary code execution</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.2.1</h3>
+  <h3>Fixed in OpenOffice.org 2.2.1</h3>
 
-<ul>
-  <li><a href="cves/CVE-2007-2754.html">CVE-2007-2754</a>: Integer overflow and heap-based buffer overflow vulnerability in 3rd party module (freetype)</li>
-  <li><a href="cves/CVE-2007-0245.html">CVE-2007-0245</a>: Manipulated RTF files can lead to heap overflows and arbitrary code execution</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2007-2754.html">CVE-2007-2754</a>: Integer overflow and heap-based buffer overflow vulnerability in 3rd party module (freetype)</li>
+    <li><a href="cves/CVE-2007-0245.html">CVE-2007-0245</a>: Manipulated RTF files can lead to heap overflows and arbitrary code execution</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.2</h3>
+  <h3>Fixed in OpenOffice.org 2.2</h3>
 
-<ul>
-  <li><a href="cves/CVE-2007-0239.html">CVE-2007-0239</a>: URL Handling Security Vulnerability (Linux/Solaris)</li>
-  <li><a href="cves/CVE-2007-0238.html">CVE-2007-0238</a>: StarCalc Vulnerability</li>
-  <li><a href="cves/CVE-2007-2.html">CVE-2007-002</a>: WordPerfect Import Vulnerability</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2007-0239.html">CVE-2007-0239</a>: URL Handling Security Vulnerability (Linux/Solaris)</li>
+    <li><a href="cves/CVE-2007-0238.html">CVE-2007-0238</a>: StarCalc Vulnerability</li>
+    <li><a href="cves/CVE-2007-2.html">CVE-2007-002</a>: WordPerfect Import Vulnerability</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.1</h3>
+  <h3>Fixed in OpenOffice.org 2.1</h3>
 
-<ul>
-  <li><a href="cves/CVE-2006-5870.html">CVE-2006-5870</a>: WMF/EMF Processing Failures</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2006-5870.html">CVE-2006-5870</a>: WMF/EMF Processing Failures</li>
+  </ul>
 
-<h3>Fixed in OpenOffice.org 2.0.3</h3>
+  <h3>Fixed in OpenOffice.org 2.0.3</h3>
 
-<ul>
-  <li><a href="cves/CVE-2006-2199.html">CVE-2006-2199</a>: Java Applets</li>
-  <li><a href="cves/CVE-2006-2198.html">CVE-2006-2198</a>: Macro</li>
-  <li><a href="cves/CVE-2006-3117.html">CVE-2006-3117</a>: File Format</li>
-</ul>
+  <ul>
+    <li><a href="cves/CVE-2006-2199.html">CVE-2006-2199</a>: Java Applets</li>
+    <li><a href="cves/CVE-2006-2198.html">CVE-2006-2198</a>: Macro</li>
+    <li><a href="cves/CVE-2006-3117.html">CVE-2006-3117</a>: File Format</li>
+  </ul>
 
-<hr />
+  <hr />
 
-<p><a href="http://security.openoffice.org/">Security Home</a> -&gt;
-  <a href="http://security.openoffice.org/bulletin.html">Bulletin</a>
-</p>
+  <p>
+    <a href="http://security.openoffice.org/">Security Home</a> -&gt;
+    <a href="http://security.openoffice.org/bulletin.html">Bulletin</a>
+  </p>
 
 
       
diff --git a/content/security/cves/CVE-YYYY-XXXX.html b/content/security/cves/CVE-YYYY-XXXX.html
index 2e4dea4..2311ce4 100644
--- a/content/security/cves/CVE-YYYY-XXXX.html
+++ b/content/security/cves/CVE-YYYY-XXXX.html
@@ -6,9 +6,9 @@
     
     <link href="/css/ooo.css" rel="stylesheet" type="text/css">
     
-  <title>CVE-YYYY-XXXX</title>
-  <style type="text/css"></style>
-
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <title>CVE-YYYY-XXXXX</title>
+  
     
     <script src="https://www.apachecon.com/event-images/snippet.js"></script>
   </head>
@@ -24,59 +24,81 @@
     <div id="content">
       
       
-  <h2><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=YYYY-XXXX">CVE-YYYY-XXXX</a></h2>
-
-  <h3>
-  Security vulnerability in OpenOffice.org related to XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-  </h3>
-
-  <ul>
-    <li><strong>Synopsis:</strong> 
-    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-   	</li>
-    <li><strong>State:</strong> Resolved</li>
-  </ul>
-
-  <h4>1. Impact</h4>
-
-  <p>
-  XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-  </p>
-
-  <h4>2. Affected releases</h4>
-
-  <ul>
-    <li>All versions of OpenOffice.org 3 prior to version 3.3</li>
-    <li>All versions of OpenOffice.org 2</li>
-  </ul>
-
-  <p>Note: Earlier versions of OpenOffice.org are no longer supported and will not be evaluated regarding this issue.</p>
-
-  <h4>3. Symptoms</h4>
-
-  <p>There are no predictable symptoms that would indicate this issue has occurred.</p>
-
-  <h4>4. Relief/Workaround</h4>
-
-  <p>
-  XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-  </p>
-
-  <h4>5. Resolution</h4>
-
-  <p>This issue is addressed in the following release: <strong>OpenOffice.org 3.3</strong></p>
+    <p>
+      <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=YYYY-XXXXX">CVE-YYYY-XXXXX</a>
+    </p>
+    <p>
+      <a href="https://www.openoffice.org/security/cves/CVE-YYYY-XXXXX.html">Apache OpenOffice Advisory</a>
+    </p>
+    <p style="text-align:center; font-size:largest">
+      <strong>CVE-YYYY-XXXXX Short description of the problem</strong>
+    </p>
+    <p style="text-align:center; font-size:larger">
+      <strong>Fixed in Apache OpenOffice X.Y.Z</strong>
+    </p>
+    <p>
+      <strong>Description</strong>
+    </p>
+    <p>
+      Long description of the problem
+    </p>
+    <p>
+      <strong>Severity: Choose from: High | Moderate | Low</strong>
+    </p>
+    <p>
+      There are no known exploits of this vulnerability.
+      <br />
+      A proof-of-concept demonstration exists.
+    </p>
+    <p>
+      Thanks to the reporter for discovering this issue.
+    </p>
+    <p>
+      <strong>Vendor: The Apache Software Foundation</strong>
+    </p>
+    <p>
+      <strong>Versions Affected</strong>
+    </p>
+    <p>
+      All Apache OpenOffice versions X.Y.Z and older are affected.
+      <br />
+      OpenOffice.org versions may also be affected.
+    </p>
+    <p>
+      <strong>Mitigation</strong>
+    </p>
+    <p>
+      Install Apache OpenOffice X.Y.Z for the latest maintenance and cumulative security fixes.
+      Use the Apache OpenOffice <a href="https://www.openoffice.org/download/">download page</a>.
+    </p>
+    <p>
+      <strong>Acknowledgments</strong>
+    </p>
+    <p>
+      The Apache OpenOffice Security Team would like to thank Firstname Lastname, Organization,
+      for discovering and reporting this attack vector.
+    </p>
+    <p>
+      <strong>Further Information</strong>
+    </p>
+    <p>
+      For additional information and assistance, consult the
+      <a href="https://forum.openoffice.org/">Apache OpenOffice Community Forums</a>
+      or make requests to the
+      <a href="mailto:users@openoffice.apache.org">users@openoffice.apache.org</a>
+      public mailing list.
+    </p>
+    <p>
+      The latest information on Apache OpenOffice security bulletins can be found at the
+      <a href="https://www.openoffice.org/security/bulletin.html">Bulletin Archive page</a>.
+    </p>
+    <hr />
+    <p>
+      <a href="https://security.openoffice.org">Security Home</a>-&gt;
+      <a href="https://www.openoffice.org/security/bulletin.html">Bulletin</a>-&gt;
+      <a href="https://www.openoffice.org/security/cves/CVE-YYYY-XXXXX.html">CVE-YYYY-XXXXX</a>
+    </p>
   
-  <h4>6. Comments</h4>
-
-  <p>
-  XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-  </p>
-
-  <hr />
-
-  <p><a href="//security/">Security Home</a> -&gt; <a href="//security/bulletin.html">Bulletin</a> -&gt; 
-  <a href="//security/cves/CVE-YYYY-XXXX.html">CVE-YYYY-XXXX</a></p>
-
       
     </div>
     <!--#include virtual="/footer.html" -->
diff --git a/content/security/faq.html b/content/security/faq.html
index 7df13d4..976d737 100644
--- a/content/security/faq.html
+++ b/content/security/faq.html
@@ -6,12 +6,11 @@
     
     <link href="/css/ooo.css" rel="stylesheet" type="text/css">
     
-  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <title>Apache OpenOffice Security Team FAQ</title>
-  <style type="text/css">
-/*<![CDATA[*/
-    hr { display: block }
+  <style>
+  /*<![CDATA[*/
+  hr { display: block }
   /*]]>*/
   </style>
 
@@ -30,180 +29,207 @@
     <div id="content">
       
       
+
   <a id="top" name="top"></a>
 
   <h2>Apache OpenOffice Security Team FAQ</h2>
 
   <ul>
     <li><a href="#secure">Is OpenOffice secure?</a></li>
+    <li><a href="#genuine">How do I know my copy of OpenOffice is genuine?</a></li>
+    <li><a href="#protect">How do I protect my copy of OpenOffice against security issues?</a></li>
+    <li><a href="#verify">"The publisher of this software cannot be verified" - what should I do?</a></li>
+    <li><a href="#viruses">How do I stop viruses attacking my copy of OpenOffice?</a></li>
+    <li><a href="#macros">How do I protect against macro-viruses in OpenOffice?</a></li>
+    <li><a href="#reporting">I am a developer - how do I report a security vulnerability in OpenOffice?</a></li>
+    <li><a href="#bulletin">Where can I find a list of all the security vulnerabilities fixed in OpenOffice?</a></li>
+    <li><a href="#alerts">How can I get email alerts about security vulnerabilities fixed in OpenOffice?</a></li>
+  </ul>
 
-    <li><a href="#genuine">How do I know my copy of OpenOffice is
-    genuine?</a></li>
-
-    <li><a href="#protect">How do I protect my copy of OpenOffice against
-    security issues?</a></li>
-
-    <li><a href="#verify">"The publisher of this software cannot be verified"
-    - what should I do?</a></li>
-
-    <li><a href="#viruses">How do I stop viruses attacking my copy of
-    OpenOffice?</a></li>
+  <a id="secure" name="secure"></a>
 
-    <li><a href="#macros">How do I protect against macro-viruses in
-    OpenOffice?</a></li>
+  <h3>Is OpenOffice secure?</h3>
 
-    <li><a href="#reporting">I am a developer - how do I report a security
-    vulnerability in OpenOffice?</a></li>
+  <p>
+    The OpenOffice engineers take the security of the software very seriously. We take great care to ensure
+    that our software is secure, and we will react promptly to any reports of suspected security
+    vulnerabilities in our software.</p>
 
-    <li><a href="#bulletin">Where can I find a list of all the security
-    vulnerabilities fixed in OpenOffice?</a></li>
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
 
-    <li><a href="#alerts">How can I get email alerts about security
-    vulnerabilities fixed in OpenOffice?</a></li>
-  </ul><a id="secure" name="secure"></a>
+  <a id="genuine" name="genuine"></a>
 
-  <h3>Is OpenOffice secure?</h3>
+  <h3>How do I know my copy of OpenOffice is genuine?</h3>
 
-  <p>The OpenOffice engineers take the security of the software very
-  seriously. We take great care to ensure that our software is secure, and we
-  will react promptly to any reports of suspected security vulnerabilities in
-  our software.</p>
+  <p>
+    Make sure you know where your copy of OpenOffice has come from. Download from one of the sites listed in
+    <a href="/download">our download page</a>, or purchase from one of our CD distributors.
+    <a href="../download/checksums.html">Use a checksum</a> to make sure your copy has not been corrupted
+    before you install it.
+  </p>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p><a id="genuine" name="genuine"></a>
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
 
-  <h3>How do I know my copy of OpenOffice is genuine?</h3>
+  <a id="protect" name="protect"></a>
 
-  <p>Make sure you know where your copy of OpenOffice has come from.
-  Download from one of the sites listed in <a href=
-  "/download">our download page</a>, or purchase from
-  one of our CD distributors.
-  <a href="../download/checksums.html">Use a checksum</a>
-  to make sure your copy has not been corrupted before you install it.</p>
+  <h3>How do I protect my copy of OpenOffice against security issues?</h3>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p><a id="protect" name="protect"></a>
+  <p>
+    We recommend all users install new versions of OpenOffice as soon as practical after they are released.
+    Since version 2.1, OpenOffice has included a feature which will tell you if a new version is available.
+    We recommend you switch this on <em>(Tools -&gt; Options -&gt; Online Update -&gt; Check for updates
+    automatically)</em>.
+  </p>
 
-  <h3>How do I protect my copy of OpenOffice against security
-  issues?</h3>
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
 
-  <p>We recommend all users install new versions of OpenOffice as soon as
-  practical after they are released. Since version 2.1, OpenOffice has
-  included a feature which will tell you if a new version is available. We
-  recommend you switch this on <em>(Tools -&gt; Options -&gt; Online Update
-  -&gt; Check for updates automatically)</em>.</p>
+  <a id="verify" name="verify"></a>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p><a id="verify" name="verify"></a>
+  <h3>"The publisher of this software cannot be verified" - what should I do?</h3>
 
-  <h3>"The publisher of this software cannot be verified" - what should I
-  do?</h3>
+  <p>
+    When installing OpenOffice under Microsoft Windows, you may see a warning message stating that the
+    publisher of the software could not be verified. It is safe to ignore this message if you are confident
+    that your copy of OpenOffice came from a reputable source. If you have any doubts about this, you can
+    check that the file has not been tampered with by
+    <a href="../download/checksums.html">using MD5 checksums</a>.
+  </p>
 
-  <p>When installing OpenOffice under Microsoft Windows, you may see a
-  warning message stating that the publisher of the software could not be
-  verified. It is safe to ignore this message if you are confident that your
-  copy of OpenOffice came from a reputable source. If you have any doubts
-  about this, you can check that the file has not been tampered with by
-  <a href="../download/checksums.html">using MD5 checksums</a>.</p>
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p><a id="viruses" name="viruses"></a>
+  <a id="viruses" name="viruses"></a>
 
   <h3>How do I stop viruses attacking my copy of OpenOffice?</h3>
 
-  <p>If your computer becomes infected with a virus, it is possible that any
-  program you have installed – including OpenOffice - may become
-  corrupted. Your computer cannot catch a virus from fresh air. It can become
-  infected if someone gives you any kind of media – floppy disk, CD, DVD,
-  memory stick, memory card etc. – anything capable of holding data can also
-  hold a virus. It can become infected if it is connected to any kind of
-  network, including wireless. Connections to publicly accessible networks
-  like the internet are particularly risky.</p>
+  <p>
+    If your computer becomes infected with a virus, it is possible that any program you have installed -
+    including OpenOffice - may become corrupted. Your computer cannot catch a virus from fresh air. It can
+    become infected if someone gives you any kind of media - floppy disk, CD, DVD, memory stick, memory
+    card etc. - anything capable of holding data can also hold a virus. It can become infected if it is
+    connected to any kind of network, including wireless. Connections to publicly accessible networks like
+    the internet are particularly risky.
+  </p>
 
-  <p>There is a whole range of things you can do to protect your computer –
-  firewalls, anti-virus software, etc – please contact your PC supplier or IT
-  department for details. If you suspect your PC has been infected, please
-  seek specialist support.</p>
+  <p>
+    There is a whole range of things you can do to protect your computer - firewalls, anti-virus software,
+    etc. please contact your PC supplier or IT department for details. If you suspect your PC has been
+    infected, please seek specialist support.
+  </p>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p><a id="macros" name="macros"></a>
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
+
+  <a id="macros" name="macros"></a>
 
   <h3>How do I protect against macro-viruses in OpenOffice?</h3>
 
-  <p>Macros are a useful part of any office suite, allowing you to automate
-  repetitive tasks. A macro can do anything you can do - including
-  potentially destructive actions such as modifying and deleting files. A
-  macro can attached to any OpenOffice file (document, spreadsheet,
-  etc.).</p>
+  <p>
+    Macros are a useful part of any office suite, allowing you to automate repetitive tasks. A macro can
+    do anything you can do - including potentially destructive actions such as modifying and deleting
+    files. A macro can attached to any OpenOffice file (document, spreadsheet, etc.).
+  </p>
+
+  <p>
+    Whenever OpenOffice detects macros in a document being opened, by default it displays a warning and
+    will only run the macro if the you specifically agree.
+  </p>
 
-  <p>Whenever OpenOffice detects macros in a document being opened, by
-  default it displays a warning and will only run the macro if the you
-  specifically agree.</p>
+  <p>
+    The safest rule is you should never open any OpenOffice file unless you are sure where it has come from
+    and trust the sender. Note that it is very easy to falsify an email address - if you have any doubt, do
+    not open the document until you have proved its identity. If you need to exchange documents regularly.
+    we recommend the use of digital signatures to certify the origin of the document.
+  </p>
 
-  <p>The safest rule is you should never open any OpenOffice file unless
-  you are sure where it has come from and trust the sender. Note that it is
-  very easy to falsify an email address - if you have any doubt, do not open
-  the document until you have proved its identity. If you need to exchange
-  documents regularly, we recommend the use of digital signatures to certify
-  the origin of the document.</p>
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p><a id="reporting" name="reporting"></a>
+  <a id="reporting" name="reporting"></a>
 
-  <h3>I am a developer - how do I report a security vulnerability in
-  OpenOffice?</h3>
+  <h3>I am a developer - how do I report a security vulnerability in OpenOffice?</h3>
 
-  <p>Please report any suspected vulnerabilities to our <a href=
-  "mailto:security@openoffice.apache.org">Security Team</a>. We appreciate
-  early confidential disclosure to give vendors of products and solutions
-  based on OpenOffice time to react. We will coordinate the disclosure of
-  your report with you.</p>
+  <p>
+    Please report any suspected vulnerabilities to our
+    <a href="mailto:security@openoffice.apache.org">Security Team</a>. We appreciate early confidential
+    disclosure to give vendors of products and solutions based on OpenOffice time to react. We will
+    coordinate the disclosure of your report with you.
+  </p>
 
-  <p>In your report, please include the following information:</p>
+  <p>
+    In your report, please include the following information:
+  </p>
 
   <ul>
-    <li>In which version of OpenOffice did you identify the problem (e.g.
-    3.3.0, 3.4.1, 4.0.0, etc.)?</li>
+    <li>
+      In which version of OpenOffice did you identify the problem (e.g. 3.3.0, 3.4.1, 4.0.0, etc.)?
+    </li>
 
-    <li>What is the impact of the problem (data loss, denial of service,
-    executing commands, etc.)?</li>
+    <li>
+      What is the impact of the problem (data loss, denial of service, executing commands, etc.)?
+    </li>
 
-    <li>How can the problem be reproduced?</li>
+    <li>
+      How can the problem be reproduced?
+    </li>
 
-    <li>Is there an existing exploit?</li>
+    <li>
+      Is there an existing exploit?
+    </li>
 
-    <li>Has the problem already been published?</li>
+    <li>
+      Has the problem already been published?
+    </li>
   </ul>
 
-  <p>After we receive your report, we will work on the evaluation and we will
-  reply to you (typically in the next business day).</p>
+  <p>
+    After we receive your report, we will work on the evaluation and we will reply to you (typically in the
+    next business day).
+  </p>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p><a id="bulletin" name="bulletin"></a>
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
 
-  <h3>Where can I find a list of all the security vulnerabilities fixed in
-  OpenOffice?</h3>
+  <a id="bulletin" name="bulletin"></a>
 
-  <p>These are listed in our <a href=
-  "/security/bulletin.html">Security
-  Bulletin</a>.</p>
+  <h3>Where can I find a list of all the security vulnerabilities fixed in OpenOffice?</h3>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p><a id="alerts" name="alerts"></a>
+  <p>
+    These are listed in our <a href="/security/bulletin.html">Security Bulletin</a>.
+  </p>
 
-  <h3>How can I get email alerts about security vulnerabilities fixed in
-  OpenOffice?</h3>
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
 
-  <p>Please read our <a href=
-  "/security/alerts.html">Security Alerts</a>
-  page.</p>
+  <a id="alerts" name="alerts"></a>
+
+  <h3>How can I get email alerts about security vulnerabilities fixed in OpenOffice?</h3>
+
+  <p>
+    Please read our <a href="/security/alerts.html">Security Alerts</a> page.
+  </p>
+
+  <p>
+    <a href="#top"><img src="top.gif" alt="up arrow" /> Return to top</a>
+  </p>
 
-  <p><a href="#top"><img src="top.gif" alt="up arrow" /> Return to
-  top</a></p>
   <hr />
 
-  <p><a href="/security/">Security Home</a> -&gt;
-  <a href="/security/faq.html">Security FAQ</a></p>
+  <p>
+    <a href="/security/">Security Home</a> -&gt; <a href="/security/faq.html">Security FAQ</a>
+  </p>
+
 
       
     </div>
diff --git a/content/security/index.html b/content/security/index.html
index a18215f..76b77a0 100644
--- a/content/security/index.html
+++ b/content/security/index.html
@@ -7,15 +7,13 @@
     <link href="/css/ooo.css" rel="stylesheet" type="text/css">
     
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-
   <title>Apache OpenOffice Security Team</title>
-  <style type="text/css">
-/*<![CDATA[*/
-    hr { display: block }
+  <style>
+  /*<![CDATA[*/
+  hr { display: block }
   /*]]>*/
   </style>
 
-
     
     <script src="https://www.apachecon.com/event-images/snippet.js"></script>
   </head>
@@ -31,54 +29,78 @@
     <div id="content">
       
       
-  <h2>Apache OpenOffice Security Team</h2>
-
-  <p>For general information about Apache OpenOffice security, please see our
-  <a href="/security/faq.html">Frequently Asked
-  Questions page</a>.</p>
-
-  <p>For details of our security alerts by email service, please see our
-  <a href="alerts.html">Security Alerts page</a>.</p>
-
-  <p>OpenOffice is a complex piece of software developed by various
-  teams. As such, it can contain security relevant bugs. If you are a
-  software developer and you believe you have found a vulnerability in our
-  source code, please contact our <a href=
-  "mailto:security@openoffice.apache.org">security team</a> so we can evaluate
-  the problem and work on proper solution for our users and for future
-  versions of our product.</p>
 
-  <p>We appreciate early confidential disclosure to give vendors of products
-  and solutions based on OpenOffice time to react. We will coordinate the
-  disclosure of your report with you.</p>
+<h2>Apache OpenOffice Security Team</h2>
 
-  <p>In your report, please include the following informations:</p>
+  <p>
+    For general information about Apache OpenOffice security, please see our
+    <a href="/security/faq.html">Frequently Asked Questions page</a>.
+  </p>
 
-  <ul>
-    <li>In which version of OpenOffice did you identify the problem?</li>
-
-    <li>Do you have an official version of OpenOffice or e.g. a build
-    from your GNU/Linux distribution (include the URL of the build if
-    possible)?</li>
+  <p>
+    For details of our security alerts by email service, please see our
+    <a href="alerts.html">Security Alerts page</a>.
+  </p>
 
-    <li>What is the impact of the problem (data loss, denial of service,
-    executing commands, etc.)?</li>
+  <p>
+    OpenOffice is a complex piece of software developed by various teams. As such, it can contain security
+    relevant bugs. If you are a software developer and you believe you have found a vulnerability in our
+    source code, please contact our <a href="mailto:security@openoffice.apache.org">security team</a> so
+    we can evaluate the problem and work on proper solution for our users and for future versions of our
+    product.
+  </p>
 
-    <li>How can the problem be reproduced?</li>
+  <p>
+    We appreciate early confidential disclosure to give vendors of products and solutions based on
+    OpenOffice time to react. We will coordinate the disclosure of your report with you.
+  </p>
 
-    <li>Is there an existing exploit?</li>
+  <p>
+    In your report, please include the following informations.
+  </p>
 
-    <li>Has the problem already been published?</li>
+  <ul>
+    <li>
+      In which version of OpenOffice did you identify the problem?
+    </li>
+
+    <li>
+      Do you have an official version of OpenOffice or e.g. a build from your GNU/Linux distribution
+      (include the URL of the build if possible)?
+    </li>
+
+    <li>
+      What is the impact of the problem (data loss, denial of service, executing commands, etc.)?
+    </li>
+
+    <li>
+      How can the problem be reproduced?
+    </li>
+
+    <li>
+      Is there an existing exploit?
+    </li>
+
+    <li>
+      Has the problem already been published?
+    </li>
   </ul>
 
-  <p>After we receive your report, we will work on the evaluation and we will
-  reply to you (typically in the next business days).</p>
+  <p>
+    After we receive your report, we will work on the evaluation and we will reply to you (typically in the
+    next business days).
+  </p>
+
+  <p>
+    Vulnerabilities which have been resolved are listed in our <a href="bulletin.html">Bulletin</a>.
+  </p>
 
-  <p>Vulnerabilities which have been resolved are listed in our <a href=
-  "bulletin.html">Bulletin</a>.</p>
   <hr />
 
-  <p><a href="/security/">Security Home</a></p>
+  <p>
+    <a href="/security/">Security Home</a>
+  </p>
+
 
       
     </div>

Mime
View raw message