303
submitted 4 days ago by Zerush@lemmy.ml to c/opensource@lemmy.ml
[-] ClassyHatter@sopuli.xyz 53 points 4 days ago

Hopefully it doesn't have any Remote Code Execution vulnerabilities, like Microslop's implementation had.

[-] jdnewmil@lemmy.ca 21 points 4 days ago

How in the world did they manage that? Did they implement it internally as a TCP API and expose it?

[-] warmaster@lemmy.world 28 points 4 days ago

It was like:

Hey Copilot, add Markdown support in Word

Sure thing Satya! There you have it, I made sure not to add any vulnerabilities like you always tell me.

[-] ClassyHatter@sopuli.xyz 32 points 4 days ago

I don't know the technicalities, but Markdown supports links, and it's possible to craft a link that downloads a file and then executes it. You can look up the Notepad.exe RCE vulnerability from this year.

[-] thorhop@sopuli.xyz 20 points 4 days ago

Basically Notepad would pass the link to ShellEx and could launch executables.
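
Added example, not part of the thread and not Microsoft's code: one way to stop a Markdown link from reaching the shell open call unchecked is to allowlist its scheme first. The function name, the allowed schemes and the sample targets are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumption for this example: only web and mail links are clickable. */
static const char *const ALLOWED[] = { "http", "https", "mailto" };

/* Case-insensitive match of the n-byte scheme at s against a lowercase name. */
static int scheme_is(const char *s, size_t n, const char *name)
{
    if (strlen(name) != n) return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)s[i]) != name[i]) return 0;
    return 1;
}

/* 1 = target may be handed to the OS open call (ShellExecute on Windows);
   0 = render the link as inert text instead. */
int link_target_is_openable(const char *t)
{
    if (t == NULL) return 0;
    for (const char *p = t; *p; p++)          /* no whitespace or control bytes */
        if ((unsigned char)*p <= 0x20 || *p == 0x7f) return 0;
    const char *colon = strchr(t, ':');
    if (colon == NULL) return 0;              /* relative path or UNC path */
    size_t n = (size_t)(colon - t);
    if (n < 2) return 0;                      /* "C:\..." is a drive path, not a scheme */
    if (!isalpha((unsigned char)t[0])) return 0;
    for (size_t i = 0; i < n; i++)            /* RFC 3986 scheme characters only */
        if (!isalnum((unsigned char)t[i]) && !strchr("+-.", t[i])) return 0;
    for (size_t i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++) {
        if (!scheme_is(t, n, ALLOWED[i])) continue;
        if (n == 6) return colon[1] != '\0';  /* "mailto" (6 chars) needs an address */
        /* http and https need "//" followed by a non-empty host */
        return colon[1] == '/' && colon[2] == '/' && colon[3] != '\0' && colon[3] != '/';
    }
    return 0;                                 /* file:, custom handlers, everything else */
}

int main(void)
{
    /* Constructed sample targets, not taken from any real exploit. */
    const char *samples[] = { "https://example.org/readme", "file:///C:/tmp/sample.exe",
                              "C:\\tmp\\sample.exe", "\\\\host\\share\\sample.exe",
                              "unknownapp:do-something" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-32s -> %s\n", samples[i],
               link_target_is_openable(samples[i]) ? "open" : "inert");
    return 0;
}
```

Only the first sample is reported as openable; the file URL, the drive and UNC paths and the unknown scheme all stay inert text.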

[-] jol@discuss.tchncs.de 4 points 4 days ago

They probably vibe coded it, and only Copilot reviewed and merged the code.

this post was submitted on 09 Mar 2026
303 points (100.0% liked)