Summary: | Security : Weak Encryption: Insecure Mode of Operation (Security Features, Semantic) | ||
---|---|---|---|
Product: | POI | Reporter: | Sreekanth Basani <sreekanthbasani> |
Component: | POI Overall | Assignee: | POI Developers List <dev> |
Status: | RESOLVED INVALID | ||
Severity: | critical | ||
Priority: | P2 | ||
Version: | 4.1.1-FINAL | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | All |
Description
Sreekanth Basani
2019-11-22 13:57:52 UTC
Ok ... noted. The cipher handling is described in the MS-OOFCRYPTO Spec - we won't change it too something current, as our goal is to read old encrypted documents too. [MS-OFFCRYPTO]: https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-offcrypto/3c34d72a-1a61-4b52-a893-196f9157f083?redirectedfrom=MSDN Hi Sreekanth - if you find any or potential security issue, could you follow the guidelines on https://www.apache.org/security/ ? |