Home » You searched for security » Page 3

Search Results for: security

The Document Foundation publishes details of LibreOffice 3.4.3 security fixes

The Internet, October 4, 2011 – The Document Foundation (TDF) publishes some details of the security fixes included with the recently released LibreOffice 3.4.3, and included in the older 3.3.4 version. Following industry best practice, details of security fixes are withheld until users have been given time to migrate to the new version. RedHat security researcher Huzaifa Sidhpurwala identified a memory corruption vulnerability in the code responsible for loading Microsoft Word documents in LibreOffice. This flaw could have been used for nefarious purposes, such as installing viruses, through a specially-crafted file. The corresponding vulnerability description is CVE-2011-2713,”Out-of-bounds property read in binary .doc filter”. LibreOffice 3.4.3 also includes various improvements to the loading of Windows Metafile (.wmf) and Windows Enhanced Metafile (.emf) image formats that were found through fuzz testing. LibreOffice developers have developed some additional security patches and fixes. These are part of a general set of development improvements which are reflected in the overall quality and stability of the software. Most LibreOffice 3.4.3 security fixes have been developed by Caolan McNamara of RedHat and Marc-André Laverdière of Tata Consultancy Services. “Working on fuzzing LibreOffice import filters has been a great experience, and I am glad I could contribute in

Why a digital document is a piece of software, and what that means for your freedom

Most people, including many competent software developers, think of a digital document the way they think of a sheet of paper: an inert object that holds words and pictures, indifferent to the tool used to open it. This intuition is wrong, and the consequences of getting it wrong shape everything from vendor lock-in to cybersecurity to the long-term readability of public records. A digital document is not paper. It is a piece of software. The HTML parallel The clearest way to see this is to think about a web page. When you visit a website, your browser receives a file – an HTML document – and executes it. It parses the markup, applies styling rules, runs embedded scripts, fetches additional resources, and assembles the result into something you can read. The page you see on screen is not a static image transmitted from the server, it is the output of a small program that your browser ran on your behalf. Nobody disputes that a web browser is software. Yet the HTML file it consumes is also, in a meaningful sense, software: a set of instructions describing what should happen when the file is opened. Change the instructions, and the rendered

The Document Foundation announces LibreOffice 25.8.7

Berlin, 12 May 2026 – The Document Foundation announces the release of LibreOffice 25.8.7, the final maintenance release of the LibreOffice 25.8 family, available for download at www.libreoffice.org/download [1]. Users of LibreOffice 25.8.x should update to LibreOffice 26.2.x as LibreOffice 25.8’s end of life will be on June 12, and after that date the software will not receive additional security updates. LibreOffice 25.8.7 is based on LibreOffice Technology, which enables the development of desktop, mobile and cloud versions – either from TDF or from the ecosystem – that fully supports the two document format standards: the open ODF or Open Document Format (ODT, ODS and ODP), and the closed and proprietary Microsoft OOXML (DOCX, XLSX and PPTX). Products based on LibreOffice Technology are available for all major desktop operating systems (Windows, macOS, Linux and ChromeOS), mobile platforms (Android and iOS) and the cloud. For enterprise-class deployments, TDF recommends a LibreOffice Enterprise optimized version, with dedicated value-added features and other benefits such as SLAs and security patch backports for three to five years. Additional details at: www.libreoffice.org/download/libreoffice-in-business/. English manuals for the LibreOffice 25.8 family are available for download at books.libreoffice.org/en/. End users can get first-level technical support from volunteers on the

Insights from the InstallFest 2026 Conference in Prague

Petr Valach from the Czech LibreOffice community writes: On the last weekend of March 2026, the regular InstallFest 2026 conference took place. Here is a summary of the news and insights we gained at the event. New venue What every visitor noticed immediately upon entering was the change in the location of the conference spaces. Instead of Building E in the courtyard of the Faculty of Electrical Engineering complex, visitors headed up the stairs directly inside Building A from the reception. The conference thus gained larger premises (three floors were allocated), which visitors likely appreciated, as there was no crowding anywhere. As I mentioned in my report from the previous year, I personally prefer historic spaces over modern architecture like that of LinuxDays. Its design is also very interesting, with a certain intended rawness and practicality, but historic buildings hide their own charm and the mystery of bygone times. However, the placement of most booths was problematic. They were (as last year) located in a single room. If visitors didn’t know about them, they wouldn’t go there on their own – they had to deliberately search and find them (although there were signs everywhere and the magnetic navigation system deserves

LibreOffice Asia Conf 2025 – Panel: Lessons from Open Source Business, Part II

Jiajun Xu writes, following on from part 1: The annual community event LibreOffice Asia Conference was held on December 13–14, 2025 in Tokyo, Japan. One of the sessions was a panel discussion titled “Lessons from Open Source Business,” moderated by Franklin Weng, featuring three company leaders from different countries sharing how they run their businesses through open source tools. This article covers Part II: the moderator’s questions and discussion. (Note: photo credits: Tetsuji Koyama, CC BY 4.0) Question 1: Open Source as Business Core vs. Business Using Open Source Technology Franklin first provided some context for this question. In 2022, he wrote a handbook on “Public Money, Public Code” for the Friedrich Naumann Foundation for Freedom. At the press conference marking its release, someone asked him about open source business, and he proposed two models: “Open source as the business core”: You start with open source software, then think about building a business around it. “Business using open source technology”: You start with a business model, then consider which tools to use. He emphasized that neither approach is inherently better or worse — the distinction simply serves as a useful way to frame the discussion. Franklin then asked the panelists

LibreOffice Asia Conf 2025 – Panel: Lessons from Open Source Business, Part I

Jiajun Xu writes: The annual community event LibreOffice Asia Conference was held on December 13-14 2025 in Tokyo, Japan. One of the sessions was a panel discussion titled “Lessons from Open Source Business,” moderated by Franklin Weng, featuring three company leaders from different countries sharing how they run their businesses with open source tools. This article covers the first part of the panel: the business introductions. (Note: photo credits: Tetsuji Koyama, CC BY 4.0) Business Introductions Germany: Lothar Becker and .riess applications The first to present was Lothar Becker from Germany, Managing Director and owner of “.riess applications.” The company primarily operates in Europe, providing consulting services based on open source solutions. Lothar described himself as not being development-oriented, but rather focused on client relationships and consulting — a personal trait that has shaped the company’s direction. As a consulting firm, a defining feature of .riess’s business model is that it does not charge for technical support or long-term support licensing fees. Instead, they productize their expertise as consulting services. This means .riess operates on a people- and time-based revenue model, which does not lend itself to the kind of exponential revenue scaling that SaaS companies achieve through near-zero marginal

Press Releases

The Document Foundation announces LibreOffice 25.8.7

Berlin, 12 May 2026 - The Document Foundation announces the release of LibreOffice 25.8.7, the final maintenance release of the…

Open Document Format

There is no digital sovereignty without ODF

Any other choice is a choice of dependence on a single vendor Digital sovereignty begins with the document format. Everything…