LibreOffice, Planet Ubuntu, Quick thoughts

CVE-2015-1774: comparing how LibreOffice and Apache OpenOffice have addressed it

I was a bit intrigued by this tweet:

So I decided to see how exactly both projects have addressed that security problem.

Apache OpenOffice’s approach?
“Let’s stop bundling the component, and recommend people to fiddle in an unintuitive file system in order to remove it manually from their systems.”

LibreOffice’s approach?
“Let’s actually ship a fix to users, in two release branches at once (4.3.7 and 4.4.2), as soon as possible.”

You don’t have to be a genius to determine which project enjoys the best health. Just sayin’.

Standard