| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> |
| <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> |
| <title>Apache OpenOffice Security Team</title> |
| <style> |
| /*<![CDATA[*/ |
| hr { display: block } |
| /*]]>*/ |
| </style> |
| </head> |
| |
| <body> |
| |
| <h2>Apache OpenOffice Security Team</h2> |
| |
| <p> |
| For general information about Apache OpenOffice security, please see our |
| <a href="/security/faq.html">Frequently Asked Questions page</a>. |
| </p> |
| |
| <p> |
| For details of our security alerts by email service, please see our |
| <a href="alerts.html">Security Alerts page</a>. |
| </p> |
| |
| <p> |
| OpenOffice is a complex piece of software developed by various teams. As such, it can contain security |
| relevant bugs. If you are a software developer and you believe you have found a vulnerability in our |
| source code, please contact our <a href="mailto:security@openoffice.apache.org">security team</a> so |
| we can evaluate the problem and work on proper solution for our users and for future versions of our |
| product. |
| </p> |
| |
| <p> |
| We appreciate early confidential disclosure to give vendors of products and solutions based on |
| OpenOffice time to react. We will coordinate the disclosure of your report with you. |
| </p> |
| |
| <p> |
| In your report, please include the following informations. |
| </p> |
| |
| <ul> |
| <li> |
| In which version of OpenOffice did you identify the problem? |
| </li> |
| |
| <li> |
| Do you have an official version of OpenOffice or e.g. a build from your GNU/Linux distribution |
| (include the URL of the build if possible)? |
| </li> |
| |
| <li> |
| What is the impact of the problem (data loss, denial of service, executing commands, etc.)? |
| </li> |
| |
| <li> |
| How can the problem be reproduced? |
| </li> |
| |
| <li> |
| Is there an existing exploit? |
| </li> |
| |
| <li> |
| Has the problem already been published? |
| </li> |
| </ul> |
| |
| <p> |
| After we receive your report, we will work on the evaluation and we will reply to you (typically in the |
| next business days). |
| </p> |
| |
| <p> |
| Vulnerabilities which have been resolved are listed in our <a href="bulletin.html">Bulletin</a>. |
| </p> |
| |
| <hr /> |
| |
| <p> |
| <a href="/security/">Security Home</a> |
| </p> |
| |
| </body> |
| </html> |