OpenOffice.org (OOo) project developer Joost Andrae has announced that the free office suite has been downloaded more than one hundred million times since the launch of version 3.0 a little over a year ago. The total number of downloads comes from combining 59.9+ million downloads since OpenOffice 3.0 was announced and 40.2+ million downloads of OpenOffice 3.1, which was released this past May, reports The H-online.

The current number of downloads, including trends for the last 28 days, are available on the project's bouncer statistics page.

New features for version 3.2 of the office suite are currently under development. OOo 3.2 is currently in beta and expected to be available at the end of November. Improvements users can expect in this next release, according to Malte Timmermann:

• Encrypted documents: Macros can be added, replaced or removed. Here he notes that users will no longer be able to add unencrypted macro streams or replace existing streams with unencrypted versions.

• META-INF/manifest.xml and META-INF/documentsignatures.xml themselves are not signed: In the new release, the definition for document signatures states that all streams in the ODF package, including manifest.xml, must be covered by the document signatures, adding that the only exception is that the signature stream itself might be excluded.

• Attacker can add non-declared file (in particular one or more malicious macros): In this case, Timmermann recommends that users make sure that all files are declared in manifest.xml, noting that OOo 3.2 will make this check for ODF 1.2 documents. He also notes that the ODF 1.2 specification will state more clearly that all files need to be registered in manifest.xml, and he cautions that because older versions of OOo already registered all files in manifest.xml, it might be worth discussing if this check could/should also be done for older documents.

• Replacing an encrypted macro with a plaintext (malicious) macro: As previously noted, OOo 3.2 will not accept any unencrypted streams in encrypted documents, independent from the ODF version used in the document.

Additional improvements to expect, Timmermann concludes, are that ODF 1.2 now allows for using different encryption algorithms, and all details about the algorithms used need to be documented in the manifest.xml (which is the reason that the manifest.xml itself can't be encrypted). These ODF enhancements have been submitted to the OASIS ODF TC, and OOo 3.2 already implements them, he notes. He adds that this only means OOo would put all needed information into manifest.xml, though not that OOo would have new built-in encryption algorithms yet.

The latest stable release of OpenOffice is version 3.1.1. OpenOffice is released under version 3 of the GNU Lesser General Public License (LGPLv3).

More Information

OpenOffice Web Site

OpenOffice 3.1 Released

eWeek Reviews OpenOffice 3.1 [...read more...]

From the latest issue:

Recent Blog Entries as of March 21, 2010, 7:14 am
Oracle Works to Assuage the Anxieties of Its Customers SysAdmin News Bites Oracle Enterprise Manager Ops Center Released Suits and Their Countersuits A More Direct Channel Model Planned for Oracle-Sun	The Importance of Information Storage and Management Sun POJO Service Engine User's Guide Sun Storage 7000 2010.Q1 Quality and Features PSA Deploys GlassFish in the Manufacture of Peugeot, Citroën Vehicles Running VirtualBox VMs as Services in Windows
Blog RSS Feed