summaryrefslogtreecommitdiff
path: root/LICENSE
AgeCommit message (Collapse)AuthorFilesLines
2018-11-07Shortened ASCII art to avoid line break on WindowsMatthias Seidel1-2/+2
Notes: ignore: aoo
2017-02-02Let's leave the $HeadURL$ in the end.Pedro Giffuni1-1/+2
Looks better and serves the same purpose. Notes: ignore: aoo
2016-12-24Make use of the HeadURL svn keyword.Pedro Giffuni1-0/+2
Using these in notable files, especially the LICENSE, NOTICE and README files improves the visibility of the repository and provides a good reference for developers that may be looking for updates. Notes: ignore: obsolete
2016-08-19Update the bundled version of OpenSSL from 0.9.8zh to 1.0.2h whichDon Lewis1-1/+1
fixes many vulnerabiliies and adds support for newer, more secure ciphers and versions of the protocol. Note: OpenSSL version 1.0.2h contains two known minor vulnerabilites, CVE-2016-2177 and CVE-2016-2178, which will be fixed in the next OpenSSL release. Their potential impact is low enough that that various Linux distros have chosen not to apply the upstream patches to the versions that they distribute. On Windows, there is an optional new dependency on NASM, <http://www.nasm.us/>. If NASM is not available, then the C implementations of the low-level crypto code will be used instead of the optimized assembly language versions. Since OpenOffice is not a heavy user of this code, the impact should be minor. If NASM is installed, but its location is not in $PATH, the directory containing nasm.exe should be passed to configure using --with-nasm-home. The fallback to the C crypto implementation also happens on Linux if the version of gcc is sufficently old to indicate that the toolchain is likely to not support the some of the instructions in the assembly language versions of the code. Notes: prefer: 7ecaf61287606001eac9b3d76df95a0a900e11c0
2016-08-10#i127069#: bundled expat version 2.1.0 has two vulnerabilitiesDon Lewis1-3/+2
Upgrade bundled expat to version 2.2.0, which fixes: CVE-2016-5300 CVE-2012-6702 It is not known whether these can be exploited when expat is used as part of OpenOffice. All of input files to expat seem to come from the OpenOffice source. One patch is needed to the expat source, without which saxparser crashes during the build. It has been submitted upstream, see <https://sourceforge.net/p/expat/bugs/539/>. It is only triggered when building expat with -DXML_UNICODE which is not the default, but this flag is used when building the bundled expat. Notes: prefer: 4c28c8051ac99bd2a39ad06af35d87c2ddf2677e
2016-07-28#i126896#: bundled curl version 7.19.7 has many vulnerabilitiesDon Lewis1-5/+6
Upgrade bundled curl to version 7.49.1. Delete most of the curl patches since they are no longer necessary. The only needed patch is to produce a library with the expected name when building on Windows. Update the curl copyright info in LICENSE. These curl CVEs have been fixed since 7.19.7: CVE-2010-0734 CVE-2011-2192 CVE-2013-2174 CVE-2014-3143 CVE-2014-3144 CVE-2014-3145 CVE-2014-3148 CVE-2014-8150 CVE-2015-3153 CVE-2016-0755 Whether any of these affect the OpenOffice usage of curl is not known. OpenOffice only uses curl to access ftp:// URLs, which is likely to be only rarely done. Notes: prefer: c772c8fd273d73af4734ce0ed1b4bb082dc1886c
2016-02-12i126369 - Finish off hwpfilterPedro Giffuni1-21/+0
The Hangul Word Processor filter was disabled from OpenOffice in r1677190 due to security concerns. While some extra buffer controls could have been made and the filter restored, the truth is a much bigger effort is required to catch up with this format. Files created with later editions of Hangul, including Hangul Wordian, Hangul 2002, Hangul 2005 and Hangul 2007 cannot be opened with the existing filter. Existing users can apparently download a free viewer and convert their document to RTF or doc. Drop completely the code. while here also drop remnants of wpd support that we dropped since 3.4.1. Having less code is sometimes better. Notes: prefer: f974db5d89eacf0c23e303c22c62972014e9db16
2014-04-29Many spelling fixes: some more files.Pedro Giffuni1-1/+1
Attempt to clean up most but certainly not all the spelling mistakes that found home in OpenOffice through decades. Did I mention this is more important than translating German comments? ;) Notes: merged as: 4d878a080907211f827bdf42184e98075a4ad0f5
2013-11-18#i122362# remove stlport4-build supportHerbert Dürr1-66/+0
but keep the --without-stlport configure option for now it is the new default anyway Notes: ignore: obsolete
2013-06-13Bump copyright year.Andrea Pescetti1-1/+1
Notes: ignore: aoo
2012-10-18Remove the incubating disclaimer now that Apache OpenOffice has graduated ↵Herbert Dürr1-2/+2
from the Apache Incubator On October 18th, 2012 the Apache Software foundation announced that the Apache OpenOffice project has graduated from the Apache Incubator Notes: ignore: aoo
2012-09-24Fix license encodingAriel Constenla-Haile1-53/+53
Convert to UTF-8 encoding, fix line endings mixed up while copying and pasting licenses. Notes: ignore: aoo
2012-04-03#i119168# updated configure help for category-b/aggregation instructions and ↵Herbert Dürr1-2/+1
update license/notice boilerplate text
2012-04-02reworked LICENSE and NOTICE due to the feedback we have got.Oliver-Rainer Wittmann1-1767/+1175
2012-03-22Sort better relative to NOTICE.Pedro Giffuni1-17/+18
2012-03-22Add licenses for XFree86 Inc. and some contributors including HP, SuSE and ↵Pedro Giffuni1-110/+219
the FSF. Cleanup some stuff while here.
2012-03-20Some more cleanups.Pedro Giffuni1-7/+143
2012-03-19Sort and update the third-party NOTICE and LICENSE information.Pedro Giffuni1-0/+2194
2011-10-10Apache License version 2.0 text - clear up extra components that we are not ↵Pedro Giffuni1-305/+0
using (yet)
2011-10-08Add Apache license fileRob Weir1-0/+507
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-19 08:18:15 +0000