<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">CVE-2018-1055 is the CVE we have listed on our security advisories page. <div class=""><br class=""></div><div class=""><a href="https://www.libreoffice.org/about-us/security/advisories/" class="">https://www.libreoffice.org/about-us/security/advisories/</a><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 11 Feb 2018, at 8:34 pm, Rene Engelhard <<a href="mailto:rene@debian.org" class="">rene@debian.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">On Sat, Feb 10, 2018 at 12:07:38PM +0100, Paul Menzel wrote:<br class=""><blockquote type="cite" class="">Maybe it’s my English, but “through 6.0.1” sounds to me like, that<br class="">version is affected. The vulnerability description page [2] says, that<br class="">LibreOffice 6.0.1 is not affected.<br class=""></blockquote><br class="">I'd more guess it's that irresponsible disclosure guys english...<br class=""><br class=""><blockquote type="cite" class="">So, how can I find out, in what version that vulnerability was fixed?<br class=""></blockquote><br class="">As others said: yes, 5.4.5/6.0.1 are fixed.<br class=""><br class="">(And please use CVE-2018-1005, not that guys CVE.. We shouldn't honour<br class="">him for this irresponsible disclosure.)<br class=""><br class="">Regards,<br class=""><br class="">Rene<br class="">_______________________________________________<br class="">LibreOffice mailing list<br class=""><a href="mailto:LibreOffice@lists.freedesktop.org" class="">LibreOffice@lists.freedesktop.org</a><br class="">https://lists.freedesktop.org/mailman/listinfo/libreoffice<br class=""></div></div></blockquote></div><br class=""></div></body></html>