maddin is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
maddin @maddin

Serious vulnerability found in webservice function:

github.com/jollheef/libreoffic

impact is that every file to which the user has read access can be silently disclosed to a webserver.

· Web · 0 · 0

is asking all users today to upgrade to the latest version of for "for improved robustness and security":

blog.documentfoundation.org/bl

I haven't found this issue in the list of fixed bugs yet. Will test tomorrow if this has been fixed.

I could validate today that the vulnerability in function 'webservice' has been fixed in version 5.4.5
YOU SHOULD UPGRADE ASAP!