Friday, July 21, 2006

OpenOffice.org Clarification

There has been a leak report from a private meeting about vulnerability in OpenOffice.org. This IS a leak report which shouldn't happened. Here are the OpenOffice.org's clarification:

There has been comment in the media about a report on a French
language website: "Le ministère de la Défense met OpenOffice à l'index"

The ZDNet article [1] claims to describe the proceedings of a confidential meeting within the French public administration. It is not appropriate for the OpenOffice.org community to comment on a leak from a private meeting. However, one of the people mentioned in the article, Eric Filiol, has posted two replies to the online article clarifying the purpose of the research and correcting some of the incorrect conclusions in the original article.

The OpenOffice.org office suite is being widely adopted within the French public administration, and the OpenOffice.org community has been working closely with the departments involved. OpenOffice.org is pleased that its source code is being scrutinised by the most important and respected department of security in France.
If security vulnerabilities are suspected, there is a well defined procedure within the IT industry for reporting, analysing, and resolving any issues, which aims to minimise any public announcement (and the resulting creation of exploits) until fixes are available.

The OpenOffice.org community confirms it regards security as of the highest importance and will react immediately to any security issues reported by the French public administration or other competent bodies or individuals.

-The OpenOffice.org Team

[1] http://www.zdnet.fr/actualites/informatique/
0,39040745,39362096,00.htm


See also,

http://arstechnica.com/news.ars/post/20060718-7288.html

No comments:

Post a Comment