The Apache Software Foundation takes a very active stance in eliminating security problems with Apache OpenOffice.org
We strongly encourage folks to report such problems to our private security mailing list first, before disclosing them in a public forum.
Please note that the security mailing list should only be used for reporting undisclosed security vulnerabilities in Apache OpenOffice.org and managing the process of fixing such vulnerabilities. We cannot accept regular bug reports or other queries at this address. All mail sent to this address that does not relate to an undisclosed security problem in Apache OpenOffice.org will be ignored.
If you need to report a bug that isn't an undisclosed security vulnerability, please use the bug reporting page.
Questions about:
should be addressed to the project's main mailing list. Please see the mailing lists page for details of how to subscribe.
The private security mailing address is: ooo-security@incubator.apache.org
Please note that security bulletins of the pre-Apache OpenOffice.org project are archived at that site.
Copyright © 2011-2012 The Apache Software Foundation Licensed under the Apache License, Version 2.0 | Contact Us | Terms of Use
Apache and the Apache feather logos are trademarks of The Apache Software Foundation. OpenOffice.org and the seagull logo are registered trademarks of The Apache Software Foundation. Other names appearing on the site may be trademarks of their respective owners.
Apache OpenOffice is an effort undergoing incubation at The Apache Software Foundation (ASF), sponsored by the Apache Incubator. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.