content/security/index.html - openoffice-org - Git at Google

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <title>Apache OpenOffice Security Team</title>
   <style>
   /*<![CDATA[*/
   hr { display: block }
   /*]]>*/
   </style>
 </head>

 <body>

 <h2>Apache OpenOffice Security Team</h2>

   <p>
     For general information about Apache OpenOffice security, please see our
     <a href="/security/faq.html">Frequently Asked Questions page</a>.
   </p>

   <p>
     For details of our security alerts by email service, please see our
     <a href="alerts.html">Security Alerts page</a>.
   </p>

   <p>
     OpenOffice is a complex piece of software developed by various teams. As such, it can contain security
     relevant bugs. If you are a software developer and you believe you have found a vulnerability in our
     source code, please contact our <a href="mailto:security@openoffice.apache.org">security team</a> so
     we can evaluate the problem and work on proper solution for our users and for future versions of our
     product.
   </p>

   <p>
     We appreciate early confidential disclosure to give vendors of products and solutions based on
     OpenOffice time to react. We will coordinate the disclosure of your report with you.
   </p>

   <p>
     In your report, please include the following informations.
   </p>

   <ul>
     <li>
       In which version of OpenOffice did you identify the problem?
     </li>

     <li>
       Do you have an official version of OpenOffice or e.g. a build from your GNU/Linux distribution
       (include the URL of the build if possible)?
     </li>

     <li>
       What is the impact of the problem (data loss, denial of service, executing commands, etc.)?
     </li>

     <li>
       How can the problem be reproduced?
     </li>

     <li>
       Is there an existing exploit?
     </li>

     <li>
       Has the problem already been published?
     </li>
   </ul>

   <p>
     After we receive your report, we will work on the evaluation and we will reply to you (typically in the
     next business days).
   </p>

   <p>
     Vulnerabilities which have been resolved are listed in our <a href="bulletin.html">Bulletin</a>.
   </p>

   <hr />

   <p>
     <a href="/security/">Security Home</a>
   </p>

 </body>
 </html>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
	<title>Apache OpenOffice Security Team</title>
	<style>
	/<![CDATA[/
	hr { display: block }
	/]]>/
	</style>
	</head>

	<body>

	<h2>Apache OpenOffice Security Team</h2>

	<p>
	For general information about Apache OpenOffice security, please see our
	<a href="/security/faq.html">Frequently Asked Questions page</a>.
	</p>

	<p>
	For details of our security alerts by email service, please see our
	<a href="alerts.html">Security Alerts page</a>.
	</p>

	<p>
	OpenOffice is a complex piece of software developed by various teams. As such, it can contain security
	relevant bugs. If you are a software developer and you believe you have found a vulnerability in our
	source code, please contact our <a href="mailto:security@openoffice.apache.org">security team</a> so
	we can evaluate the problem and work on proper solution for our users and for future versions of our
	product.
	</p>

	<p>
	We appreciate early confidential disclosure to give vendors of products and solutions based on
	OpenOffice time to react. We will coordinate the disclosure of your report with you.
	</p>

	<p>
	In your report, please include the following informations.
	</p>

	<ul>
	<li>
	In which version of OpenOffice did you identify the problem?
	</li>

	<li>
	Do you have an official version of OpenOffice or e.g. a build from your GNU/Linux distribution
	(include the URL of the build if possible)?
	</li>

	<li>
	What is the impact of the problem (data loss, denial of service, executing commands, etc.)?
	</li>

	<li>
	How can the problem be reproduced?
	</li>

	<li>
	Is there an existing exploit?
	</li>

	<li>
	Has the problem already been published?
	</li>
	</ul>

	<p>
	After we receive your report, we will work on the evaluation and we will reply to you (typically in the
	next business days).
	</p>

	<p>
	Vulnerabilities which have been resolved are listed in our <a href="bulletin.html">Bulletin</a>.
	</p>

	<hr />

	<p>
	<a href="/security/">Security Home</a>
	</p>

	</body>
	</html>