When a software update is released, most of us expect new features to be announced, but more frequent versions are released to fix bugs. Many of these patches improve the user experience, but they are no more important than those that improve security. And that's what The Document Foundation announced today: both LibreOffice 7.2.4 como 7.1.8 they have been launched including a major security patch.
Both versions have been released ahead of time, but because TDF has corrected the bug CVE-2021-43527 that affected the cryptographic library NSS 3.73.0. That is the only change they have made in LibreOffice 7.2.4 and 7.1.8, and, although they do not give details about how it would affect users, they have considered it serious enough for the releases to be advanced and for the recommended version You have reached your eighth point update.
LibreOffice 7.2.4 and 7.1.8 fix bug CVE-2021-43527
Not even Miter, who collects and publishes information on this type of security flaw (CVE), provides information about it. Therefore, we only know what The Document Foundation tells us:
“The Document Foundation announces the LibreOffice 7.2.4 Community and the LibreOffice 7.1.8 Community to provide a key security fix. […] The two new versions include the corrected NSS 3.73.0 cryptographic library, to solve the CVE-2021-43527 (the nss secfix is the only change compared to the previous version) ».
Once again, they have taken the opportunity to remind us that what they launch to the public is the community version (Community), and that if we want improved support and special functions we have to subscribe to the version for companies (Enterprise). They also mention again that, as former, this version is available for Apple Silicon computers.
LibreOffice 7.2.4 and 7.1.8 are already available from the project download page. LibreOffice 7.1.8 continues to be recommended for production teams, and will continue to do so until at least the release of LO 7.2.5.